Lucene search
K

32886 matches found

Snyk
Snyk
added 2026/04/14 6:51 p.m.10 views

Out-of-bounds Write

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.7 views

Out-of-bounds Write

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.7 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.9 views

Out-of-bounds Write

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.6 views

Out-of-bounds Write

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.7 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.4 views

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.3 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.7 views

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.6 views

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.6 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder when an invalid sampling index is specified. An attacker can cause a denial of service by providing a specially crafted input file. Remediation A fix was pushed into the master branch but not yet...

6.8CVSS5.7AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:51 p.m.8 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/14 6:48 p.m.6 views

Uncontrolled Recursion

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.7 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.4 views

Uncontrolled Recursion

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.7 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.7 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.6 views

Uncontrolled Recursion

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.4 views

Uncontrolled Recursion

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.7 views

Uncontrolled Recursion

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.6 views

Uncontrolled Recursion

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.9 views

Uncontrolled Recursion

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.8 views

Uncontrolled Recursion

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:48 p.m.4 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the FX expression parser. An attacker can cause the application to crash by supplying a deeply nested expression. Remediation A fix was pushed into the master branch but not yet published. References - GitHub...

6.8CVSS5.7AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 6:13 p.m.53 views

Improper Validation of Specified Quantity in Input

Overview PowerShell is a package containing the PowerShell global tool Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the IsSafeValueVisitor function when SkipLimitCheck is true and used with Import-PowerShellDataFile. An attacker can...

8.5CVSS5.8AI score0.00536EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 4:15 p.m.9 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:leaflet is a JavaScript library for mobile-friendly interactive maps Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bindPopup method. An attacker can execute arbitrary JavaScript code in the context of a user's browser session by...

6.1CVSS5.9AI score0.00191EPSS
Exploits2References2
Snyk
Snyk
added 2026/04/14 4:15 p.m.10 views

Cross-site Scripting (XSS)

Overview leaflet is a JavaScript library for mobile-friendly interactive maps Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bindPopup method. An attacker can execute arbitrary JavaScript code in the context of a user's browser session by injecting malicious...

6.1CVSS5.9AI score0.00191EPSS
Exploits2References2
Snyk
Snyk
added 2026/04/14 4:15 p.m.11 views

Authorization Bypass Through User-Controlled Key

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in...

8.6CVSS5.8AI score0.00351EPSS
Exploits2References2
Snyk
Snyk
added 2026/04/14 4:14 p.m.9 views

Access Control Bypass

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Access Control Bypass in the LeadController.php...

8.6CVSS5.8AI score0.00351EPSS
Exploits2References2
Snyk
Snyk
added 2026/04/14 4:14 p.m.8 views

Authorization Bypass Through User-Controlled Key

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in...

8.8CVSS5.8AI score0.00624EPSS
Exploits2References2
Snyk
Snyk
added 2026/04/14 4:14 p.m.14 views

Arbitrary Code Injection

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Arbitrary Code Injection via the /admin/tinymce/uplo...

9.9CVSS6.5AI score0.00834EPSS
Exploits3References2
Snyk
Snyk
added 2026/04/14 4:14 p.m.10 views

Server-side Request Forgery (SSRF)

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the...

8.5CVSS5.8AI score0.00249EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/14 4:14 p.m.9 views

SQL Injection

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to SQL Injection via the rottenlead parameter in the...

7.1CVSS5.9AI score0.00191EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/14 3:30 p.m.8 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in select-organization.ftl - shown on the organization selection login page - since the organization.alias value is inserted into an inline JavaScript onclick handler. A user with manage-realm or...

6.9CVSS5.9AI score0.00226EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 3:30 p.m.17 views

Arbitrary Code Injection

Overview @openai/codex is a OpenAI Codex CLI Lightweight coding agent that runs in your terminal Affected versions of this package are vulnerable to Arbitrary Code Injection via the automatic loading of .env and .codex/config.toml files when executing the CLI in a compromised repository. An...

9.8CVSS6AI score0.07061EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/14 3:16 p.m.4 views

Directory Traversal

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Directory Traversal via the nfsen parameter in the nfsen.inc.php file. An attacker can execute arbitrary PHP code by...

8.7CVSS6.5AI score0.00265EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/14 3:11 p.m.5 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the profiling.sampling module of asyncio introspection capabilities feature when a privileged process connects to a malicious process via the remote debugging tool. An attacker can read and write memory...

6CVSS6AI score0.00132EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 12:31 p.m.6 views

Authorization Bypass Through User-Controlled Key

Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the authentication process. An attacker can gain unauthorized access to user accounts and perform actions with elevated privileges...

5.4CVSS5.8AI score0.00353EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 12:12 p.m.6 views

Malicious Package

Overview tailwindcss-style-typography is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/04/14 12:12 p.m.5 views

HTTP Request Smuggling

Overview org.eclipse.jetty:jetty-http is an is a http module for jetty server. Affected versions of this package are vulnerable to HTTP Request Smuggling in the HTTP/1.1 parser HttpParser.java. An attacker can inject additional HTTP requests with chunked transfer encoding with improperly terminat...

9.1CVSS5.7AI score0.01127EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/14 12:1 p.m.7 views

Malicious Package

Overview tailwind-typ is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/04/14 11:52 a.m.4 views

Malicious Package

Overview tailwind-stylecss-typography is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/04/14 11:48 a.m.7 views

Malicious Package

Overview chai-as-refined is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Total number of security vulnerabilities32886