35669 matches found
Active Debug Code
Overview Affected versions of this package are vulnerable to Active Debug Code via improper handler registration on the shared http.DefaultServeMux. An attacker can gain unauthorized access to sensitive debug and metrics endpoints by sending crafted requests, potentially exposing process command...
Active Debug Code
Overview Affected versions of this package are vulnerable to Active Debug Code via improper handler registration on the shared http.DefaultServeMux. An attacker can gain unauthorized access to sensitive debug and metrics endpoints by sending crafted requests, potentially exposing process command...
Authorization Bypass Through User-Controlled Key
Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the assignRoleToUser and assignRoleToGroup handlers. An attacker can gain unauthorized administrative privileges by assigning high-privilege roles, such as the built-in admin role, to themselves or...
Regular Expression Denial of Service (ReDoS)
Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...
Authorization Bypass Through User-Controlled Key
Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error in the OIDC discovery process when the X-Forwarded-Host header is not validated and no allowed-hosts list is configured. An attacker can manipulate the issuer and JWKS URI in the discovery document by supplying a...
Inefficient Algorithmic Complexity
Overview pathway is a Pathway Live Data Framework is a data processing framework which takes care of streaming data updates for you. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the document store process. An attacker can exhaust system resources by...
Authorization Bypass Through User-Controlled Key
Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...
Server-side Request Forgery (SSRF)
Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...
HTTP Request Smuggling
Overview webrick is a HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server. Affected versions of this package are vulnerable to HTTP Request Smuggling in the request process. An attacker can bypass request boundaries and interfere with HTTP...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the ParseObjectContext and parseArray functions due to recursive parsing of nested PDF objects without enforcing a maximum nesting depth. An attacker can cause resource exhaustion and application unavailability...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the ParseObjectContext and parseArray functions due to recursive parsing of nested PDF objects without enforcing a maximum nesting depth. An attacker can cause resource exhaustion and application unavailability...
External Control of File Name or Path
Overview recce is an Environment diff tool for dbt Affected versions of this package are vulnerable to External Control of File Name or Path via the query run API when configured with a DuckDB-backed project. An attacker can access or modify local files accessible to the server process, potential...
User Impersonation
Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to User Impersonation via the isLocalRequest function. An attacker can gain unauthorized access to restricted routes and interact with child processes by spoofing the Host and Orig...
Use of Hard-coded Credentials
Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the SECRET assignment process. An attacker can gain unauthorized access to the dashboard and API by forging a valid authtoken cookie using the...
Missing Authorization
Overview kiwitcms is a Test Case Management System Affected versions of this package are vulnerable to Missing Authorization in the /init-db/ process. An attacker can access administrative setup functionality by sending requests to this endpoint after initial use. This is only exploitable if the...
Insufficient Verification of Data Authenticity
Overview simplesamlphp/simplesamlphp is a PHP implementation of a SAML 2.0 service provider and identity provider, also compatible with Shibboleth 1.3 and 2.0. Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the processing of SAML responses wh...
Improper Handling of Windows DATA Alternate Data Stream
Overview Affected versions of this package are vulnerable to Improper Handling of Windows DATA Alternate Data Stream in the FilePage process on Windows systems when handling filenames with NTFS-equivalent suffixes such as ::$DATA, a trailing dot, or a trailing space. An attacker can obtain the ra...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization through the add and remove endpoints for timesheet favorites. An attacker can manipulate another user's favorite bookmark state by referencing the victim's timesheet identifier, allowing unauthorized addition or...
Improper Authentication
Overview fast-mcp-telegram is a Multi-tenant Telegram gateway for AI agents — HTTP+stdio transport, 8 agent-optimized tools, MTProto User API Affected versions of this package are vulnerable to Improper Authentication via the SessionFileTokenVerifier.verifytoken process. An attacker can gain...
Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions 'XPath Injection' through the XPath Transform process. An attacker can cause the application to become unresponsive or crash by sending specially crafted messages that exploit thi...
Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions 'XPath Injection' through the XPath Transform process. An attacker can cause the application to become unresponsive or crash by sending specially crafted messages that exploit thi...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the HTTPArtifact::receive process. An attacker can gain unauthorized access to arbitrary user accounts by crafting a forged unsigned assertion from a malicious or lower-trust identity provider within t...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the HTTPArtifact::receive process. An attacker can gain unauthorized access to arbitrary user accounts by crafting a forged unsigned assertion from a malicious or lower-trust identity provider within t...
Arbitrary Argument Injection
Overview linuxfabrik-lib is a Python libraries used in various Linuxfabrik projects, including the 'Linuxfabrik Monitoring Plugins' project. Affected versions of this package are vulnerable to Arbitrary Argument Injection in the configuration of the sudoers file, which allows arbitrary arguments ...
Regular Expression Denial of Service (ReDoS)
Overview @asymmetric-effort/nogginlessdom is an A zero-dependency testing framework with comprehensive test runner, assertions, DOM simulation, and mocking, built on node:test and node:assert Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the...
Directory Traversal
Overview @asymmetric-effort/nogginlessdom is an A zero-dependency testing framework with comprehensive test runner, assertions, DOM simulation, and mocking, built on node:test and node:assert Affected versions of this package are vulnerable to Directory Traversal via the matchFileSnapshot functio...
Missing Authorization
Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to Missing Authorization via the POST /api/tunnel/tailscale-install route handler, which accepts a JSON body containing a sudoPassword field and pipes it, along with the contents o...
Use of GET Request Method With Sensitive Query Strings
Overview @nuxt/ui is an A UI Library for Modern Web Apps, powered by Vue & Tailwind CSS. Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings via the UForm and UAuthForm components when the server-side rendered form omits the method attribute...
Regular Expression Denial of Service (ReDoS)
Overview jsonata is a JSON query and transformation language Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the $toMillis function. An attacker can cause resource exhaustion by providing specially crafted inputs that trigger excessive backtracki...
Regular Expression Denial of Service (ReDoS)
Overview org.webjars.npm:jsonata is a JSON query and transformation language Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the $toMillis function. An attacker can cause resource exhaustion by providing specially crafted inputs that trigger...
Missing Authorization
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization in the actionMoveFolder process. An attacker can remove destination folders and their contents without having delete permissions on the destination by initiating a force...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the newAttributes parameter in the bulk duplicate process. An attacker can overwrite existing elements...
Missing Authorization
Overview @grackle-ai/plugin-core is a Core plugin for Grackle — gRPC handlers, reconciliation phases, and event subscribers Affected versions of this package are vulnerable to Missing Authorization due to inconsistent enforcement of authorization checks in the tool layer. An attacker can gain...
Missing Authorization
Overview @grackle-ai/auth is an Authentication and authorization primitives for Grackle Affected versions of this package are vulnerable to Missing Authorization due to inconsistent enforcement of authorization checks in the tool layer. An attacker can gain unauthorized access to perform cross-ta...
Missing Authorization
Overview @grackle-ai/mcp is a MCP Model Context Protocol server for Grackle — translates MCP tool calls to ConnectRPC Affected versions of this package are vulnerable to Missing Authorization due to inconsistent enforcement of authorization checks in the tool layer. An attacker can gain...
Improper Authorization
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Improper Authorization through the Mysqls.add process. An attacker can create databases and users on unauthorized MySQL servers by supplying a disallowed server index in the API...
Authorization Bypass Through User-Controlled Key
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the customeremail.php process. An attacker can access other users' allowed sender aliases by supplying arbitrary senderid values in...
Command Injection
Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Command Injection via the rmrf, mv, and cp functions. An attacker can execute arbitrary commands by supplying specially crafted file names containing shell...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the unauthenticated GET /api/v1/oauth and GET /api/v1/oauth/:id endpoints, which serialize and return sensitive fields such as clientsecret in the response. An attacker can obtain...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the unauthenticated GET /api/v1/oauth and GET /api/v1/oauth/:id endpoints, which serialize and return sensitive fields such as clientsecret in the response. An attacker can obtain...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the unauthenticated GET /api/v1/oauth and GET /api/v1/oauth/:id endpoints, which serialize and return sensitive fields such as clientsecret in the response. An attacker can obtain...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the unauthenticated GET /api/v1/oauth and GET /api/v1/oauth/:id endpoints, which serialize and return sensitive fields such as clientsecret in the response. An attacker can obtain...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the unauthenticated GET /api/v1/oauth and GET /api/v1/oauth/:id endpoints, which serialize and return sensitive fields such as clientsecret in the response. An attacker can obtain...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the unauthenticated GET /api/v1/oauth and GET /api/v1/oauth/:id endpoints, which serialize and return sensitive fields such as clientsecret in the response. An attacker can obtain...
Directory Traversal
Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Directory Traversal via the prepareReceiveFile and getUniqueFilePath processes. An attacker can write files to arbitrary locations on the user's filesystem by...
Inefficient Algorithmic Complexity
Overview @conform-to/dom is an A set of opinionated helpers built on top of the Constraint Validation API Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the parseSubmission process. An attacker can cause excessive CPU consumption by submitting forms with...
Arbitrary Argument Injection
Overview @grackle-ai/powerline is a gRPC PowerLine server for Grackle AI agent integration Affected versions of this package are vulnerable to Arbitrary Argument Injection via unsanitized input to the branch parameter in the SpawnSession process. An attacker can execute arbitrary commands as the...
Arbitrary Argument Injection
Overview @grackle-ai/runtime-sdk is a Grackle runtime SDK — interfaces, base classes, shared utilities, and runtime installer Affected versions of this package are vulnerable to Arbitrary Argument Injection via unsanitized input to the branch parameter in the SpawnSession process. An attacker can...