Lucene search
K

8 matches found

OSV
OSV
added 2026/05/19 11:54 p.m.10 views

MAL-2026-4451 Malicious code in @tailwind-core/vite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f9a00740b85c3ce7b36a9ba242f3eccc9ebf3d4f626ab911342c50d63b48805 The package name @tailwind-core/vite impersonates the official @tailwindcss/vite plugin from tailwindlabs, and its package.json declares three...

5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.3 views

Mintlify 安全漏洞

Mintlify is an AI-powered documentation platform from US-based Mintlify. A security vulnerability exists in versions of Mintlify prior to 2025-11-15, which stems from not validating the repository owner in the GitHub Integration API, potentially leading to the disclosure of sensitive information...

5CVSS6.4AI score0.00368EPSS
Exploits1References5
Prion
Prion
added 2024/02/20 10:15 p.m.12 views

Design/Logic Flaw

kedi ElectronCord is a bot management tool for Discord. Commit aaaeaf4e6c99893827b2eea4dd02f755e1e24041 exposes an account access token in the config.json file. Malicious actors could potentially exploit this vulnerability to gain unauthorized access to sensitive information or perform malicious...

5CVSS6.9AI score0.00539EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/16 8:32 a.m.6 views

git: Bypass of safe.directory protections

A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This issue allows the owner of the repository to cause arbitrary commands to be executed by...

7.8CVSS7.3AI score0.00445EPSS
Exploits0References4
Amazon
Amazon
added 2022/07/15 12:0 a.m.54 views

Medium: git

Issue Overview: A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This allows the owner of the repository to cause arbitrary commands to be...

7.8CVSS7.2AI score0.00782EPSS
Exploits0
Hacker One
Hacker One
added 2019/02/16 7:34 a.m.34 views

GitLab: Persistent XSS via e-mail when creating merge requests

Summary: The vulnerability consists in the ability to create branch names that contain characters such as /. This branch name is sent via e-mail which is rendered as HTML. Description: One way to exploit this is by forking a repository. Then an attacker would create a branch called alert1 and mak...

3.5CVSS5.3AI score0.00789EPSS
Exploits1
Hacker One
Hacker One
added 2018/06/01 2:42 p.m.42 views

Starbucks: Information Leak - Github - JMS Information

Hi, After some research, I found a leak on GitHub that might lead to accessing sensitive data of employees or clients not sure based on the code. There is also a SAP S-user to access a cloud based HANA service. I have not confirmed what kind of data is in there to avoid potential legal issues. I...

0.2AI score
Exploits0
FreeBSD
FreeBSD
added 2008/12/20 12:0 a.m.14 views

git -- gitweb privilege escalation

Git maintainers report: gitweb has a possible local privilege escalation bug that allows a malicious repository owner to run a command of his choice by specifying diff.external configuration variable in his repository and running a crafted gitweb query...

5.5AI score
Exploits0References2
Rows per page
Query Builder