Lucene search
K

33544 matches found

Snyk
Snyk
•added 2026/04/14 1:11 a.m.•6 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the cross-domain redirects that do not strip custom authentication headers such as X-API-Key, X-Auth-Token, Api-Key, Token. An attacker can obtain sensitive...

7.7CVSS5.8AI score0.00486EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 1:11 a.m.•4 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the cross-domain redirects that do not strip custom authentication headers such as X-API-Key, X-Auth-Token, Api-Key, Token. An attacker can obtain sensitive...

7.7CVSS5.8AI score0.00486EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 1:8 a.m.•6 views

LDAP Injection

Overview mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. Affected versions of this package are vulnerable to LDAP Injection through the Ldap authentication handler in mitmproxy/addons/proxyauth.py. An attacker can...

8.3CVSS5.8AI score0.00166EPSS
Exploits1References2
Snyk
Snyk
•added 2026/04/14 1:7 a.m.•4 views

Origin Validation Error

Overview org.asynchttpclient:async-http-client is a maven plugin for the Async Http Client AHC classes. Affected versions of this package are vulnerable to Origin Validation Error in the Redirect30xInterceptor class. An attacker in control of a cross-origin redirect target via a different exploit...

8.9CVSS5.8AI score0.00326EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 1:7 a.m.•4 views

Authorization Bypass Through User-Controlled Key

Overview fatfreecrm is a customer relationship management platform. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the destroy action in app/controllers/emailscontroller.rb. An attacker can delete another user’s email record by sending...

4.2CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 1:6 a.m.•6 views

Incomplete List of Disallowed Inputs

Overview Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the getApiToken method when rendering invoice templates via the Twig sandbox environment. An attacker can access hashed API tokens of users by embedding calls to this method in a custom invoice...

2CVSS5.7AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 1:5 a.m.•4 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the OverlappingFieldsCanBeMerged validation process. An attacker can cause excessive CPU usage and resource exhaustion by submitting queries containing thousands of repeated fields with the sam...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 12:15 a.m.•5 views

Uncontrolled Recursion

Overview @nestjs/microservices is a Nest - modern, fast, powerful node.js web framework @microservices Affected versions of this package are vulnerable to Uncontrolled Recursion through the handleData function in packages/microservices/helpers/json-socket.ts. An attacker can crash the TCP...

8.7CVSS5.7AI score0.00329EPSS
Exploits0References3
Snyk
Snyk
•added 2026/04/14 12:7 a.m.•7 views

Malicious Package

Overview getcardslib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 12:4 a.m.•4 views

Missing Authentication for Critical Function

Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the PutObjectExtractHandler, PutObjectHandler, and PutObjectPartHandler function. An...

8.8CVSS5.8AI score0.00418EPSS
Exploits0References3
Snyk
Snyk
•added 2026/04/14 12:4 a.m.•9 views

Arbitrary Argument Injection

Overview @aiondadotcom/mcp-ssh is a MCP Agent for managing SSH hosts - A Model Context Protocol server for SSH operations Affected versions of this package are vulnerable to Arbitrary Argument Injection via improper handling of the hostAlias, command, localPath, or remotePath arguments. An attack...

8.8CVSS6AI score
Exploits0References3
Snyk
Snyk
•added 2026/04/14 12:3 a.m.•4 views

Directory Traversal

Overview excel-mcp-server is an Excel MCP Server for manipulating Excel files Affected versions of this package are vulnerable to Directory Traversal via the getexcelpath function. An attacker can read, write, overwrite, and create arbitrary files and directories on the host filesystem by supplyi...

9.4CVSS6.3AI score0.00391EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 12:0 a.m.•6 views

Malicious Package

Overview admin0911 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:57 p.m.•4 views

Malicious Package

Overview @adac-fahrzeugplattform/ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•6 views

Off-by-one Error

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•8 views

Off-by-one Error

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•11 views

Off-by-one Error

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•6 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•8 views

Off-by-one Error

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•7 views

Off-by-one Error

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•5 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•6 views

Off-by-one Error

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•5 views

Off-by-one Error

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•6 views

Off-by-one Error

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•7 views

Off-by-one Error

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•8 views

Off-by-one Error

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•8 views

Off-by-one Error

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•6 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•6 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•7 views

Off-by-one Error

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•5 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•8 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:8 p.m.•9 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the MSL decoder process. An attacker can cause a crash by providing a specially crafted MSL file. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Commit ...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•7 views

Use After Free

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•6 views

Use After Free

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•6 views

Use After Free

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•3 views

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•4 views

Use After Free

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•5 views

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•6 views

Use After Free

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•8 views

Use After Free

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•9 views

Use After Free

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•7 views

Use After Free

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•7 views

Use After Free

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•5 views

Use After Free

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•4 views

Use After Free

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•10 views

Use After Free

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•11 views

Use After Free

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•4 views

Use After Free

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/13 11:6 p.m.•7 views

Use After Free

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Total number of security vulnerabilities33544