Lucene search
K

18 matches found

vulnersOsv
vulnersOsv
added 2026/05/14 4:37 p.m.6 views

@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +29 more potentially affected by unknown CVE via @tanstack/start-server-core (>=1.121.0-alpha.28 <=1.167.3)

@tanstack/start-server-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.0.14, =0.3.0, =0.3.0, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.121.0-alpha.28, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.121.0-alpha.28, =1.97.4, =1.120.20 and more Source cves: unknown CVE Source advisory:...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/14 4:37 p.m.9 views

@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +29 more potentially affected by unknown CVE via @tanstack/start-server-core (>=1.121.0-alpha.28 <=1.167.3)

@tanstack/start-server-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.0.14, =0.3.0, =0.3.0, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.121.0-alpha.28, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.121.0-alpha.28, =1.97.4, =1.120.20 and more Source cves: unknown CVE Source advisory:...

5.5AI score
Exploits0
Snyk
Snyk
added 2026/05/14 4:37 p.m.5 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' through an upstream type-confusion bug in seroval package. An attacker can trigger unintended execution of a different client-referenced server function by sending a specially...

6.3CVSS5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:7 a.m.11 views

Malicious code in @tanstack/solid-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a9f623ce85c893266087d3eeb9812938d0f3eea0ddb33cd735589c104dafb8e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 12:7 a.m.9 views

MAL-2026-3486 Malicious code in @tanstack/solid-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a9f623ce85c893266087d3eeb9812938d0f3eea0ddb33cd735589c104dafb8e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:2 a.m.9 views

Malicious code in @tanstack/start-server-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7db0631bb410a51551790c0b55b574d53aea5d7a677439e6f3cf877503317658 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 12:2 a.m.7 views

MAL-2026-3490 Malicious code in @tanstack/start-server-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7db0631bb410a51551790c0b55b574d53aea5d7a677439e6f3cf877503317658 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:58 p.m.8 views

Malicious code in @tanstack/vue-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a2e72fba4613219c26e8bfb79da1c3db3666a9e7dc945f1b064e95aa04a5ac5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/11 11:58 p.m.4 views

MAL-2026-3500 Malicious code in @tanstack/vue-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a2e72fba4613219c26e8bfb79da1c3db3666a9e7dc945f1b064e95aa04a5ac5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:52 p.m.10 views

Malicious code in @tanstack/react-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 048a583947c3ecbeb540293e0de5d513e84f0ea2793ca31ee5d2a76d4f750ddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/11 11:52 p.m.10 views

MAL-2026-3471 Malicious code in @tanstack/react-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 048a583947c3ecbeb540293e0de5d513e84f0ea2793ca31ee5d2a76d4f750ddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.7 views

@tanstack/vue-start (>=1.141.0 <=1.167.58) potentially affected by CVE-2026-45321 via @tanstack/vue-start-server (>=1.141.0 <=1.166.5)

@tanstack/vue-start-server NPM version =1.141.0, =1.141.0, =1.167.58 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKVUESTARTSERVER-16640255...

9.6CVSS7.4AI score0.02342EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.5 views

@tanstack/solid-start (>=1.121.0-alpha.28 <=1.167.62) potentially affected by CVE-2026-45321 via @tanstack/solid-start-server (>=1.121.0-alpha.28 <=1.166.51)

@tanstack/solid-start-server NPM version =1.121.0-alpha.28, =1.121.0-alpha.28, =1.167.62 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKSOLIDSTARTSERVER-16640235...

9.6CVSS8AI score0.02342EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +31 more potentially affected by CVE-2026-45321 via @tanstack/start-server-core (>=1.121.0-alpha.28 <=1.167.30)

@tanstack/start-server-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.1.1, =0.0.14, =0.3.0, =0.3.0, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.121.0-alpha.28, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.121.0-alpha.28, =2.0.0-alpha.9 and more Source cves: CVE-2026-45321 Source...

9.6CVSS8AI score0.02342EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@d-trattner/pidex (>=0.1.1 <=0.1.3), @tanstack/react-start (>=1.121.0-alpha.28 <=1.167.65) +3 more potentially affected by CVE-2026-45321 via @tanstack/react-start-server (>=1.121.0-alpha.28 <=1.166.52)

@tanstack/react-start-server NPM version =1.121.0-alpha.28, =0.1.1, =1.121.0-alpha.28, =0.0.1, =0.1.0, =0.0.0-dev, =0.23.0 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTSTARTSERVER-16640213...

9.6CVSS7.5AI score0.02342EPSS
Exploits3
OSV
OSV
added 2021/12/10 12:15 a.m.3 views

ALPINE-CVE-2021-43803

Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...

7.5CVSS6.7AI score0.44824EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/11/09 6:32 p.m.7 views

python: Information disclosure via pydoc

A flaw was found in Python 3's pydoc. This flaw allows a local or adjacent attacker who discovers or can convince another local or adjacent user to start a pydoc server to access the server and then use it to disclose sensitive information belonging to the other user that they would not normally...

5.7CVSS6.7AI score0.01863EPSS
Exploits0References4
0day.today
0day.today
added 2020/07/26 12:0 a.m.287 views

INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit

Exploit for multiple platform in category web applications Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory:...

9.7AI score0.16585EPSS
Exploits5
Rows per page
Query Builder