35669 matches found
Information Exposure
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Information Exposure in the analysis of allowlisted commands containing unquoted heredocs. An attacker can cause unintended shell expansion by crafting a command that hides malicious code...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound. An attacker can cause unexpected behavior by supplying a font where each glyph advances by an excessively large amount. Remediation Upgrade pillow to version 12.2.0 or higher. References - GitHub Advisory...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in ImagePath.Path, ImageDraw.ImageDraw.polygon, and ImageDraw.ImageDraw.line, all of which accept nested coordinates as input. An attacker can cause denial of service by supplying nested lists as coordinates,...
Arbitrary Code Injection
Overview pyp2spec is a Generate a valid Fedora specfile from Python package from PyPI Affected versions of this package are vulnerable to Arbitrary Code Injection in the process of writing package metadata into the generated spec file without escaping RPM macro directives. An attacker can execute...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication in the OVN database connection process. An attacker can gain unauthorized access to sensitive network configuration data by presenting a rogue self-signed certificate chain during the TLS handshake, which is...
Expression Language Injection
Overview org.apache.polaris:polaris-core is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this package are...
Arbitrary Code Injection
Overview org.apache.atlas:atlas-repository is an Apache Atlas Repository Module Affected versions of this package are vulnerable to Arbitrary Code Injection in the DSL search endpoint. An attacker can execute arbitrary code by placing malicious Gremlin traversal logic within grammar-allowed...
Missing Authorization
Overview org.apache.polaris:polaris-runtime-service is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization when handling HTTP request paths that have had normalizedPath applied. An attacker can gain unauthorized access to protected resources by appending a semicolon and arbitrary text to the request URL, exploiting...
Access Control Bypass
Overview MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library Affected versions of this package are vulnerable to Access Control Bypass via the exec function in the mindsdb/integrations/handlers/byomhandler/procwrapper.py component. An attacker can gain...
Arbitrary Command Injection
Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Arbitrary Command Injection via the parsecallabledetails function in codeparser.py. An attacker can execute arbitrary syst...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview astro-mcp-server is a MCP server for Astro ASO App Store Optimization data - Access keyword rankings, historical data, and app metrics Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' in t...
Use of Hard-coded Password
Overview AstrBot is a 易上手的多平台 LLM 聊天机器人及开发框架 Affected versions of this package are vulnerable to Use of Hard-coded Password in the Dashboard process due to the use of hard-coded credentials in astrbot/dashboard/routes/auth.py. An attacker can gain unauthorized access and potentially compromise...
Directory Traversal
Overview com.shopizer:shopizer is an open source e-commerce software. Affected versions of this package are vulnerable to Directory Traversal through the /api/v1/private/content/images/add endpoint when processing crafted POST requests while configured with the httpd local filesystem storage...
Server-side Request Forgery (SSRF)
Overview xhs-mcp is a XiaoHongShu CLI and MCP Server Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the xhspublishcontent MCP tool when processing the mediapaths argument. An attacker can access internal resources or perform unauthorized network requests ...
Missing Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via the command-auth.ts process. An attacker can gain unauthorized access to owner-enforced commands by sending commands from a non-owner sender when a channel plugi...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload. A malicious actor compromised the package, enabling the attacker to publish tampered versions of the deep learning framework. Malicious Behavior The execution chain ru...
Malicious Package
Overview frank-newton3-db-final is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Embedded Malicious Code
Overview @cap-js/sqlite is a CDS database service for SQLite Affected versions of this package are vulnerable to Embedded Malicious Code that conceals an obfuscated payload designed to steal developer credentials during the package installation. The malicious versions and their contents are...
Directory Traversal
Overview notes-mcp is a MCP for managing markdown notes with YAML frontmatter Affected versions of this package are vulnerable to Directory Traversal via the rootdir or path arguments in the notesmcp.py process. An attacker can access or modify files outside the intended directory by supplying...
Directory Traversal
Overview kaggle-mcp is an A MCP server for kaggle apis Affected versions of this package are vulnerable to Directory Traversal via the preparekaggledataset function in src/kagglemcp/server.py when processing the competitionid argument. An attacker can access arbitrary files on the server by...
Arbitrary Command Injection
Overview ssh-mcp is a MCP server exposing SSH control for Linux and Windows systems via Model Context Protocol. Affected versions of this package are vulnerable to Arbitrary Command Injection via the shell.write function. An attacker can execute arbitrary system commands by supplying crafted inpu...
Insufficiently Protected Credentials
Overview ssh-mcp is a MCP server exposing SSH control for Linux and Windows systems via Model Context Protocol. Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the Command Line Handler component due to the storage of the credential in plaintext. An...
Prototype Pollution
Overview jsondiffpatch is a JSON diff & patch object and array diff, text diff, multiple output formats Affected versions of this package are vulnerable to Prototype Pollution via the jsondiffpatch.patch and jsondiffpatch/formatters/jsonpatch.patch APIs. An attacker can perform prototype pollutio...
Incomplete List of Disallowed Inputs
Overview axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the isLoopback host check in the proxy helper, which relied on a static list of LOOPBACKADDRESSES. An attacker can route requests...
HTTP Response Splitting
Overview axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to HTTP Response Splitting via the isFormData and getHeaders handling in the HTTP request path. An attacker can inject arbitrary request headers by supplying a...
Allocation of Resources Without Limits or Throttling
Overview marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Tokenizer. An attacker can cause the application to exhaust system...
Protection Mechanism Failure
Overview Affected versions of this package are vulnerable to Protection Mechanism Failure in the defmodule, defmethod, or defclass methods due to insufficient deserialization guards. An attacker can achieve arbitrary code execution by supplying crafted input to Marshal.load in a Ruby application...
Malicious Package
Overview ts-moduler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview @bitunix/test is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Regular Expression Denial of Service (ReDoS)
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the contextMatcher and pathMatcher functions. An attacker can cause the server to become unresponsive and exhaust CPU...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via ExpectedArtifactExpressionEvaluationPostProcessor, which may accept and process SpEL expressions that reference and load arbitrary classes. An attacker can execute code by supplying malicious strings as inp...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the InnoDB component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Remediation Upgrade libmysqlclient to...
Missing Origin Validation in WebSockets
Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...
Malicious Package
Overview bignum-ts-v2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @tushar-br/desktop is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Cross-site Scripting (XSS)
Overview dompurify is a DOM-only XSS sanitizer for HTML, MathML and SVG. Affected versions of this package are vulnerable to Cross-site Scripting XSS via templates injected to a site in RETURNDOM mode. The SAFEFORTEMPLATES sanitization can be bypassed, which then allows scripts to be executed if...
Insertion of Sensitive Information Into Sent Data
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the getSinglePublicChatflow handler in chatflows/index.ts. An attacker can retrieve sensitive flow configuration by requesting a public chatflow and...
SQL Injection
Overview @saltcorn/mobile-app is a Saltcorn mobile app for Android and iOS Affected versions of this package are vulnerable to SQL Injection via the getSyncRows and getDelRows functions. An attacker can execute arbitrary SQL commands, exfiltrate sensitive data, modify or delete database contents,...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the cleanupCommand field in the PATCH /api/execution-workspaces/:id endpoint, which is stored and later executed by the server without input validation or sanitization. An attacker can execute arbitrary system...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in several API endpoints that lack proper authentication checks. An attacker can access sensitive data, perform state-changing operations, and obtain internal configuration details by sending...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the adapterConfig.instructionsFilePath configuration field, which is processed by the server during agent execution. An attacker can access sensitive files on the host filesystem by supplying...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the adapterConfig.instructionsFilePath configuration field, which is processed by the server during agent execution. An attacker can access sensitive files on the host filesystem by supplying...
Arbitrary Code Injection
Overview @apollo/protobufjs is a language-neutral, platform-neutral, extensible way of serializing structured data for use in communications protocols, data storage, and more, originally designed at Google Affected versions of this package are vulnerable to Arbitrary Code Injection through the...
Improper Neutralization of Special Elements in Data Query Logic
Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic through the GraphCypherQAChain request handling and graph.query execution path in GraphCypherQAChain.ts. An attacker can force...
Improper Neutralization of Special Elements Used in a Template Engine
Overview homeassistant-cli is a Command-line tool for Home Assistant. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the handling of user-supplied Jinja2 templates. An attacker can execute arbitrary code by convincing ...
Use of Hard-coded Credentials
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the weak default TOKENHASHSECRET. An attacker can access sensitive internal identifiers by decrypting the meta field in JWT tokens when the default secret is used,...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the ReadCLen function of the Tiano decompressor. An attacker can cause a crash by supplying specially crafted compressed firmware data that triggers a heap out-of-bounds write during decompression. Remediation...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the MakeTable in the decompression routine when bit-length values from a crafted firmware blob exceed the expected range, leading to stack memory corruption in the Count array and related decode tables. An...
Always-Incorrect Control Flow Implementation
Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to an inverted time comparison in the OIDC JWKS and token cache processes. An attacker can cause expired tokens to be reused or force repeated network requests to the OIDC provider by...