Lucene search
+L

4 matches found

NVD
NVD
added 2026/03/31 4:16 p.m.5 views

CVE-2026-34220

MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, there is a SQL injection vulnerability when specially crafted objects are interpreted as raw SQL query fragments. This issue has been patched in versions 6.6....

9.8CVSS0.00426EPSS
Exploits0References1
CVE
CVE
added 2026/03/20 9:16 a.m.27 views

CVE-2026-33124

Frigate (NVR) prior to version 0.17.0-beta1 allows any authenticated user to change their own password without providing the current password via /users/{username}/password. Affected component: password change functionality; root cause includes lack of current-password verification and no passwor...

8.8CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/01/19 6:35 p.m.10 views

EUVD-2026-3300

Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryCreated=. Version 0.70.0 fixes the issue...

9.3CVSS5AI score0.00222EPSS
Exploits1References2
OSV
OSV
added 2021/03/29 2:15 p.m.3 views

DEBIAN-CVE-2021-23358

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized...

7.2CVSS6.4AI score0.04087EPSS
Exploits2References1
Rows per page
Query Builder