23 matches found
@d-trattner/pidex (>=0.1.1 <=0.1.3), @tanstack/react-start (>=1.167.21 <=1.167.65) +1 more potentially affected by CVE-2026-45321 via @tanstack/react-start-rsc (>=0.0.1 <=0.0.5)
@tanstack/react-start-rsc NPM version =0.0.1, =0.1.1, =1.167.21, =0.1.0, =0.7.0 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTSTARTRSC-16640211...
a-data-processing (=0.0.1), a-mailx (=0.1.0) +1227 more potentially affected by CVE-2026-44843 via langchain-core (>=0.0.1 <=0.3.83)
langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2026-44843 Source advisory: SNYK:PYTHON-LANGCHAINCORE-16624521...
EUVD-2022-5737
Malicious code in bioql PyPI...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 007-nodejs (>=2.5.0 <=2.5.3) +46037 more potentially affected by CVE-2024-29415 +1 more via ip (>=0.0.1 <=2.0.1)
ip NPM version =0.0.1, =1.0.1, =2.5.0, =2.5.3 - 0726react =0.1.1 - 0me.sh =0.1.15 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...
better-config-loader (>=0.1.4 <=0.2.4), brainwires-skills (>=0.2.0 <=0.6.0) +62 more potentially affected by unknown CVE via libyml (>=0.0.1 <=0.0.5)
libyml CARGO version =0.0.1, =0.1.4, =0.2.0, =0.33.0, =0.14.0, =0.14.0, =0.3.0, =0.1.5, =0.9.0, =0.3.0, =0.8.0, =0.3.2, =0.1.0, =0.6.1 - fastconfig =1.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0067...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:GHSA-H5GC-RM8J-5GPR...
PT-2025-6019 · Unknown +1 · Coinremitter +1
Name of the Vulnerable Software and Affected Versions: CoinRemitter versions 0.0.1 through 0.0.2 Description: A critical issue was found in CoinRemitter on OpenCart, affecting an unknown part. The manipulation of the coin argument leads to SQL injection. It is possible to initiate the attack...
@account-kit/react (>=4.0.0 <=4.88.4), @account-kit/react-native (>=4.15.0 <=4.88.4) +50 more potentially affected by CVE-2024-57068 via @tanstack/form-core (>=0.0.1 <=0.42.0)
@tanstack/form-core NPM version =0.0.1, =4.0.0, =4.15.0, =3.13.0, =0.0.1, =0.1.1, =0.0.1, =1.0.0, =0.3.5, =0.3.3, =4.0.0 and more Source cves: CVE-2024-57068 Source advisory: OSV:GHSA-GGV3-VMGW-XV2Q...
CHANGING CGFIDO 安全漏洞
CHANGING CGFIDO is a password-less authentication system from the Chinese company CHANGING. A security vulnerability exists in CHANGING CGFIDO versions 0.0.1 to 1.1.0, which stems from an authentication bypass vulnerability in the login mechanism, which allows an unauthenticated, remote attacker ...
PT-2024-33427 · Marco Heine · Marco Heine Pdf-Rechnungsverwaltung
Name of the Vulnerable Software and Affected Versions: Marco Heine PDF-Rechnungsverwaltung versions 0.0.1 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows PHP Local File Inclusion...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +490 more potentially affected by CVE-2024-2965 via langchain-community (>=0.0.1 <=0.2.4)
langchain-community PYPI version =0.0.1, =0.1.0, =0.0.2, =0.0.1, =0.1.0, =0.0.1, =0.0.18, =0.2.0, =0.0.1, =0.0.2, =0.0.1, =0.0.4a1 - aicat-annotator =0.0.1 and more Source cves: CVE-2024-2965 Source advisory: OSV:GHSA-3HJH-JH2H-VRG6...
PT-2024-21971 · Ladder · Ladder
Name of the Vulnerable Software and Affected Versions: Ladder versions 0.0.1 through 0.0.21 Description: The issue allows a remote attacker to obtain sensitive information via a crafted request to the API. Recommendations: For versions 0.0.1 through 0.0.21, update to a version that contains a fix...
akasha-terminal (>=0.8.0 <=0.8.5), biochatter (>=0.3.5 <=0.4.12) +32 more potentially affected by CVE-2024-28088 via langchain-core (>=0.0.1 <=0.1.1)
langchain-core PYPI version =0.0.1, =0.8.0, =0.3.5, =0.3.16, =0.1.0, =0.0.1, =0.0.1, =0.0.5, =0.4.8, =1.7.0, =2.7.0 and more Source cves: CVE-2024-28088 Source advisory: OSV:PYSEC-2024-45...
007putra-my-bot (=1.1.1), 8mb (>=1.0.1 <=1.1.4) +753 more potentially affected by CVE-2024-24828 via pkg (>=0.0.1-1 <=5.8.1)
pkg NPM version =0.0.1-1, =1.0.1, =0.2.0, =1.0.0, =1.0.0, =2.5.16, =2.7.7, =2.7.7, =1.0.1, =3.32.1, =1.0.20-beta, =10.38.1--canary.2299.2e83683.0, =0.8.0-rc.1, =0.2.0, =1.0.0, =1.0.2 and more Source cves: CVE-2024-24828 Source advisory: OSV:GHSA-22R3-9W55-CJ54...
PT-2023-26710 · Badaso · Badaso
Name of the Vulnerable Software and Affected Versions: Badaso versions 0.0.1 through 2.9.7 Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function. This enables the execution of arbitrary code,...
hina (>=0.0.1 <=0.1.3) potentially affected by CVE-2020-36511 via bite (=0.0.5)
bite CARGO version =0.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on bite and may be impacted: - hina =0.0.1, =0.1.3 Source cves: CVE-2020-36511 Source advisory: OSV:GHSA-72R2-RG28-47V9...
GHSA-X78V-4FVJ-RG9J Camaleon CMS Stored Cross-site Scripting vulnerability
In “Camaleon CMS” application, versions 0.0.1 through 2.6.0 are vulnerable to stored XSS, that allows unprivileged application users to store malicious scripts in the comments section of the post. These scripts are executed in a victim’s browser when they open the page containing the malicious...
CVE-2021-25987 Hexo - Stored XSS
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code...
Camaleon CMS 跨站脚本漏洞
CamaleonCMS is an advanced dynamic content management system CMS based on RubyonRails from the CamaleonCMS team.CamaleonCMS has a cross-site scripting vulnerability in versions 0.0.1 through 2.6.0 that stems from a lack of checksum filtering of user-supplied and output data. An attacker could...
@blueprintjs/docs (>=1.0.0 <=1.3.1), @frctl/twig (>=1.0.0-alpha.0 <=1.0.0-beta.2) +101 more potentially affected by CVE-2020-7700 via phpjs (>=0.0.1 <=1.3.2)
phpjs NPM version =0.0.1, =1.0.0, =1.0.0-alpha.0, =0.3.16, =1.2.7, =0.1.3, =1.0.1, =1.0.0, =0.7.0, =0.0.1, =0.0.9, =0.0.1-alpha.1, =0.0.1, =0.0.7 and more Source cves: CVE-2020-7700 Source advisory: OSV:GHSA-M428-JQC4-2P5J...