35340 matches found
Cross-site Scripting (XSS)
Overview @haxtheweb/haxcms-nodejs is a HAXcms nodejs backend Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization of elements that allow javascript: URIs in the src attribute. An attacker can execute arbitrary JavaScript in the victim's browser...
Cross-site Scripting (XSS)
Overview svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of attribute spreading and dynamic name attributes within form elements. An attacker can inject malicious scripts by manipulating both the sprea...
Missing Authorization
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Missing Authorization on the /api/v1/openai-assistants-vector-store API. Any user can manipulate, delete, or exfiltrate data by sending authenticated requests to the affected endpoints without proper...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the OCSP stapling process with Apple SecTrust. An attacker can cause the client to accept invalid or revoked server certificates by exploiting the failure to properly detect OCSP response problems. Not...
Prototype Pollution
Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Prototype Pollution in the Xml class, which implements an XML node. A user with permission to create or modify workflows can achieve remote code execution on the host system. Note: This is a bypass ...
Brute Force
Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Brute Force when rate limiting is enabled which it is by default. The protections of the getIp function, which constructs rate-limiting keys based on the exa...
User Impersonation
Overview opencart/opencart is a shopping cart system Affected versions of this package are vulnerable to User Impersonation via the OCSESSID cookie. An attacker can gain unauthorized access to user accounts by injecting arbitrary values into the session cookie, allowing session takeover...
XML Injection
Overview Affected versions of this package are vulnerable to XML Injection due to the incomplete sanitization of XML comments. An attacker can inject arbitrary XML or HTML content by including three consecutive dashes in the comment value. Note: This issue was introduced by the fix for...
Arbitrary Code Injection
Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Arbitrary Code Injection despite the recently introduced neutralizeArraySpeciesBatch helper in lib/bridge.js. An attacker can execute arbitrary code ...
Null Byte Interaction Error (Poison Null Byte)
Overview Affected versions of this package are vulnerable to Null Byte Interaction Error Poison Null Byte due to inadequate validation of domain name labels and lengths in the encodeDomainName and decodeDomainName components. An attacker can cause DNS cache poisoning, bypass domain validation, or...
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection in the newInitialMessage function of HttpProxyHandler when header validation is explicitly disabled and user-influenced outboundHeaders are added without sanitization. An attacker can inject arbitrary HTTP headers into...
Missing Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via the browser interaction routes. An attacker can access arbitrary files by bypassing navigation guards and leveraging browser act/evaluate interactions to pivot...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the source.view path in font/sfnt. An attacker can force the parser to allocate a large read buffer by supplying a corrupt or malicious font file that advertises data beyond the file's...
Improper Verification of Cryptographic Signature
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the Nostr DM ingress path. An attacker can cause unauthorized pairing challenges to be issued and consume shared pairing capacity by...
Insufficient Granularity of Access Control
Overview Affected versions of this package are vulnerable to Insufficient Granularity of Access Control inadequate authorization checks in the POST /api/agents/:id/keys, GET /api/agents/:id/keys, and DELETE /api/agents/:id/keys/:keyId routes. An attacker can gain unauthorized access to sensitive...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials when the nexus.orient.binaryListenerEnabled configuration is set to true. This option is set by default in legacy HA-C mode, but not in standalone deployments, including HA deployments. An attacker can gain...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the function parameter, which is concatenated into an API error message and rendered without HTML escaping. An attacker can execute arbitrary JavaScript code in the context of a backend user's session by...
Improper Validation of Unsafe Equivalence in Input
Overview fast-jwt is a Fast JSON Web Token implementation Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the cacheKeyBuilder function when custom implementations do not generate unique keys for different tokens, leading to cache collision...
Malicious Package
Overview mona-max is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object...
Cross-site Scripting (XSS)
Overview @earendil-works/pi-coding-agent is a Coding agent CLI with read, bash, edit, write tools and session management Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization of Markdown link and image URLs during HTML session export. An attacker c...
Malicious Package
Overview ts-ecro is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ParseDepedencyExpression function of the UEFI firmware image parser when an attacker provides a specially crafted opcode value. An attacker can cause a denial of service or potentially disclose minor informatio...
Malicious Package
Overview omglucidesotuff is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...
Malicious Package
Overview ishowfeet9 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...
Malicious Package
Overview backupsitetuff6 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...
Malicious Package
Overview howmanygreatbritain is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code linked to the "Miasma" supply chain attack targeting the @redhat-cloud-services npm namespace. A malicious actor compromised the publication pipeline and published versions containing malicious code that includes...
Malicious Package
Overview @cloudplatform-single-spa/business-solutions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...
Malicious Package
Overview foundry-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview lint-builder-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Improper Authentication
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Malicious Package
Overview truffle-config-helper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Division by zero
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Allocation of Resources Without Limits or Throttling
Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Allocation of Resources Without...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Malicious Package
Overview supabase-javascript is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal due to insufficient path sanitization in the osfs.ChrootOS component. An attacker can gain unauthorized access to unintended filesystem locations by supplying crafted paths containing directory traversal sequences...
Directory Traversal
Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Directory Traversal via the createmodelversion function. An attack...
Arbitrary Code Injection
Overview mermaid is a package for generation of diagrams and flowcharts from text in a similar manner as markdown. Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of the classDef function in state diagrams. An attacker can inject arbitrary...
Cross-site Scripting (XSS)
Overview org.opencms:opencms-core is a Java open source content management system by Alkacon Software. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the updateModelGroups.jsp process. An attacker can execute arbitrary scripts in the context of a user's browser by...
Server-side Request Forgery (SSRF)
Overview nuxt-og-image is an Enlightened OG Image generation for Nuxt. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to inadequate validation of user-supplied URLs in the isBlockedUrl process. An attacker can access internal network resources or sensitiv...
Improper Authentication
Overview fast-jwt is a Fast JSON Web Token implementation Affected versions of this package are vulnerable to Improper Authentication in the async key resolver when it returns an empty string or zero-length buffer. An attacker can gain unauthorized access and assume arbitrary identities by forgin...
Incorrect Authorization
Overview codechecker is an analyzer tooling, defect database and viewer extension Affected versions of this package are vulnerable to Incorrect Authorization via the Authentication endpoint functions, including getAuthorisedNames, getPermissionsForUser, hasPermission, addPermission, and...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the InnoDB component. An attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network with high privileges. Remediation Upgrade...
HTTP Response Splitting
Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect through the redirecturi parameter in multiple endpoints ForgotPassword, MagicLinkLogin, Signup, InviteMembers, OAuthLoginHandler, VerifyEmailHandler which is not validated against AllowedOrigins. An attacker can obtain...
Server-side Request Forgery (SSRF)
Overview @clerk/backend is a Clerk Backend SDK - REST Client for Backend API & JWT verification utilities Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the clerkFrontendApiProxy function. An attacker can obtain secret keys by crafting a request path that...