Lucene search
K

4 matches found

CVE
CVE
added yesterday5 views

CVE-2026-59948

CVE-2026-59948 affects Composer (PHP dependency manager). A malicious package from an untrusted repo (not Packagist.org/Private Packagist) with an invalid name could cause install/update to write attacker-controlled files outside the vendor directory and project. Root cause: failure to validate t...

7CVSS6AI score
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/03/12 6:32 p.m.9 views

@tinacms/app (>=0.0.0-0b7103c-20251216023146 <=2.3.25), @tinacms/cli (>=0.0.0-0b7103c-20251216023146 <=2.1.6) +4 more potentially affected by CVE-2026-28791 via @tinacms/graphql (>=2.0.0 <=2.1.2)

@tinacms/graphql NPM version =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =3.5.0 Source cves: CVE-2026-28791 Source advisory: SNYK:JS-TINACMSGRAPHQL-15518326...

7.4CVSS5.8AI score0.00325EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.4 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4761 more potentially affected by CVE-2021-37673 via tensorflow (>=1.0.1 <=2.3.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37673 Source advisory: OSV:GHSA-278G-RQ84-9HMG...

5.5CVSS5.5AI score0.00154EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/11/06 5:11 p.m.7 views

1st-project (=1.0.2), @142vip/egg-sequelize (>=0.0.1 <=0.0.2) +1065 more potentially affected by CVE-2019-10748 via sequelize (>=5.10.0 <=5.8.10)

sequelize NPM version =5.10.0, =0.0.1, =0.5.0, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =1.0.1, =1.0.0, =0.2.0, =1.0.1, =1.0.2 - @aica/js-app =1.0.1 and more Source cves: CVE-2019-10748 Source advisory: OSV:GHSA-J9XP-92VC-559J...

9.8CVSS7.2AI score0.01315EPSS
Exploits1
Rows per page
Query Builder