Veracode: recent advisories

38108 matches found

Veracode, added 2025/09/11 5:07 a.m.

Symlink Traversal

n8n is vulnerable to symlink traversal. The vulnerability is due to improper handling of symbolic links in the Read/Write File node, which allows an attacker to bypass directory restrictions and read or write to otherwise inaccessible paths...

CVSS 6.5 | AI score 7 | EPSS 0.00177
Exploits 0 | References 3 | Affected software 1

Veracode, added 2025/09/10 10:03 a.m.

Cross-site Scripting (XSS)

com.liferay.portal, release.portal.bom is vulnerable to Stored DOM-based Cross-Site Scripting XSS. The vulnerability is due to improper handling of DDM structure field labels in the Asset Publisher configuration UI within the Source.js module, where values are inserted into the DOM using innerHTM...

CVSS 5.4 | AI score 6.2 | EPSS 0.0005
Exploits 0 | References 6 | Affected software 3

Veracode, added 2025/09/10 9:54 a.m.

Cross-Site Request Forgery (CSRF)

com.liferay.portal, release.portal.bom is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to improper validation of the endpoint parameter, which allows an attacker to perform cross-origin requests on behalf of an authenticated user...

CVSS 6.9 | AI score 6.9 | EPSS 0.00036
Exploits 0 | References 7 | Affected software 2

Veracode, added 2025/09/10 9:21 a.m.

SQL Injection

moonshine/moonshine is vulnerable to SQL injection. The vulnerability is due to improper handling of the Data parameter in the Blog module, which allows an attacker to inject malicious SQL queries...

CVSS 4.9 | AI score 7.7 | EPSS 0.00077
Exploits 2 | References 3 | Affected software 2

Veracode, added 2025/09/10 9:05 a.m.

Arbitrary File Upload

moonshine/moonshine is vulnerable to arbitrary file upload. The vulnerability is due to improper validation of uploaded SVG files, which allows an attacker to execute arbitrary code...

CVSS 5.4 | AI score 7.6 | EPSS 0.00054
Exploits 2 | References 4 | Affected software 1

Veracode, added 2025/09/10 8:39 a.m.

Cross-site Scripting (XSS)

moonshine/moonshine is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the application allowing malicious HTML payloads in the Name parameter when creating a new Admin, leading to arbitrary JavaScript execution...

CVSS 4.9 | AI score 6.5 | EPSS 0.00136
Exploits 2 | References 4 | Affected software 1

Veracode, added 2025/09/10 8:28 a.m.

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper handling of the _com_liferay_journal_web_portlet_JournalPortlet_backURL parameter, which allows injection of malicious JavaScript code...

CVSS 5.1 | AI score 7 | EPSS 0.00044
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/10 8:10 a.m.

Sensitive Information Disclosure

Liferay Portal is vulnerable to Sensitive Information Disclosure. The vulnerability is due to weak validation in the calendar feature, which allows authenticated users to enumerate other users' calendars and use this information for phishing attacks...

CVSS 5.3 | AI score 6.6 | EPSS 0.00081
Exploits 0 | References 13 | Affected software 5

Veracode, added 2025/09/10 7:45 a.m.

Memory Leakage

Libtiff.so is vulnerable to Memory Leak. The vulnerability is due to improper memory management due to flaws in the _TIFFmallocExt, _TIFFCheckRealloc, TIFFHashSetNew, and InitCCITTFax3 functions in tiffcmp.c, which allow local attackers to trigger memory leaks...

CVSS 2.5 | AI score 6.8 | EPSS 0.00044
Exploits 1 | References 11 | Affected software 2

Veracode, added 2025/09/10 6:00 a.m.

Command Injection

screenshot-desktop is vulnerable to command injection. The vulnerability is due to unsanitized user-controlled input being passed into the format option of the screenshot function, which allows an attacker to execute arbitrary commands with the privileges of the calling process...

CVSS 9.8 | AI score 7.7 | EPSS 0.00604
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/10 6:00 a.m.

Cross-Site Scripting (XSS)

express-gateway is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper input handling in lib/rest/routes/users.js of the REST Endpoint, which allows an attacker to execute malicious scripts remotely...

CVSS 5.1 | AI score 6.6 | EPSS 0.00059
Exploits 0 | References 6 | Affected software 1

Veracode, added 2025/09/10 5:59 a.m.

Cross-Site Scripting (XSS)

express-gateway is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper input handling in the REST Endpoint lib/rest/routes/apps.js, which allows an attacker to remotely inject and execute malicious scripts...

CVSS 5.1 | AI score 6.5 | EPSS 0.00018
Exploits 0 | References 6 | Affected software 1

Veracode, added 2025/09/10 5:59 a.m.

Improper TLS Configuration

github.com/hydraide/hydraide is vulnerable to improper TLS configuration. The vulnerability is due to the client using only RootCAs without proper certificate verification and the server lacking ClientCAs and ClientAuth, which allows an attacker to perform man-in-the-middle MITM attacks and read...

AI score 6.8
Exploits 0

Veracode, added 2025/09/10 12:25 a.m.

Type Confusion

V8 in Google Chrome is vulnerable to Type Confusion. The vulnerability is due to improper handling of object types in the V8 JavaScript engine, which allows a remote attacker to exploit heap corruption by supplying a crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.00324
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/09 5:54 p.m.

Missing Authorization

Liferay Portal is vulnerable to Missing Authorization. The vulnerability is due to improper access control: authenticated users can modify the content of calendar portlet emails, which allows attackers to send phishing emails to other users in the same organization...

CVSS 5.3 | AI score 6.8 | EPSS 0.00093
Exploits 0 | References 16 | Affected software 2

Veracode, added 2025/09/09 4:26 p.m.

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input sanitization in the message boards feature, which allows remote authenticated attackers to inject malicious JavaScript via the web interface...

CVSS 5.4 | AI score 6.6 | EPSS 0.00041
Exploits 0 | References 7 | Affected software 3

Veracode, added 2025/09/09 9:58 a.m.

Reflected Cross-Site Scripting (Reflected XSS)

com.liferay, com.liferay.expando.web are vulnerable to reflected cross-site scripting XSS. The vulnerability is due to improper input validation of the _com_liferay_expando_web_portlet_ExpandoPortlet_displayType parameter, which allows an attacker to inject and execute arbitrary JavaScript code in a...

CVSS 5.4 | AI score 6.7 | EPSS 0.00044
Exploits 0 | References 5 | Affected software 1

Veracode, added 2025/09/09 9:26 a.m.

Cross-Site Scripting (XSS)

Mermaid is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to user-supplied input for architecture diagram icons being passed to the d3 html method, which allows an attacker to inject and execute malicious scripts...

CVSS 6.1 | AI score 6.5 | EPSS 0.00016
Exploits 1 | References 3 | Affected software 1

Veracode, added 2025/09/09 9:11 a.m.

Cross-Site Scripting (XSS)

Mermaid is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to user-supplied input for sequence diagram labels being passed to innerHTML during element size calculation, which allows an attacker to inject and execute malicious scripts...

CVSS 5.3 | AI score 6.5 | EPSS 0.00029
Exploits 0 | References 3 | Affected software 1

Veracode, added 2025/09/09 8:49 a.m.

Blind Server Side Request Forgery (SSRF)

johnbillion/wp-crontrol plugin is vulnerable to Blind Server Side Request Forgery SSRF. The vulnerability is due to improper use of the wp_remote_request function, which allows an attacker with Administrator-level access to send arbitrary web requests and interact with internal services...

CVSS 5.9 | AI score 7 | EPSS 0.00046
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/09 8:48 a.m.

Use Of Default Credentials

nginx-defender is vulnerable to Use of Default Credentials. The vulnerability is due to default administrative passwords shipped in the example configuration files, which allow attackers with network access to gain full administrative control if the passwords are not changed...

CVSS 6.5 | AI score 7.2 | EPSS 0.00068
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/09 7:48 a.m.

Namespace Label Injection

github.com/projectcapsule/capsule is vulnerable to namespace label injection. The vulnerability is due to improper validation of labels in system namespaces, which allows an attacker to inject arbitrary labels, bypass multi-tenant isolation, and escalate privileges to access cross-tenant resource...

CVSS 9 | AI score 7.1 | EPSS 0.00023
Exploits 0 | References 3 | Affected software 1

Veracode, added 2025/09/09 7:24 a.m.

Denial Of Service (DoS)

org.bouncycastle, bc-fips is vulnerable to Denial Of Service DoS. The vulnerability is due to excessive allocation in the org.Bouncycastle.Crypto.Fips.NativeLoader module, which allows an attacker to exhaust system resources and cause a denial of service...

CVSS 1 | AI score 6.9 | EPSS 0.00034
Exploits 0 | References 3 | Affected software 1

Veracode, added 2025/09/09 6:03 a.m.

Cross-site Scripting (XSS)

n8n is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of user-supplied HTML input in the Form Trigger node, where malicious payloads injected through HTML elements allow account takeover via stolen session cookies...

CVSS 8.7 | AI score 6.4 | EPSS 0.00032
Exploits 0 | References 3 | Affected software 2

Veracode, added 2025/09/09 6:02 a.m.

Improper Access Control

@astrojs/node is vulnerable to Improper Access Control. The vulnerability is due to improper validation of image source domains in the image optimization endpoint, which allows an attacker to bypass third-party domain restrictions using protocol-relative URLs and serve unauthorized external image...

CVSS 6.9 | AI score 7 | EPSS 0.00134
Exploits 1 | References 4 | Affected software 2

Veracode, added 2025/09/08 3:38 p.m.

Account Takeover

debug is vulnerable to Account Takeover. The vulnerability is due to a compromised npm publishing account, which allowed an attacker to publish a malicious patch version 4.4.2 that injects browser-side malware, enabling redirection of cryptocurrency transactions e.g., MetaMask to...

CVSS 8.8 | AI score 5.3 | EPSS 0.00138
Exploits 0 | References 7 | Affected software 1

Veracode, added 2025/09/08 9:04 a.m.

Directory Traversal

github.com/containers/podman is vulnerable to Directory Traversal. The vulnerability is due to a lack of symlink canonicalization and host-path validation; this allows an attacker who supplies a malicious Kubernetes YAML to cause podman to write the ConfigMap/Secret data contents are defined by th...

CVSS 8.1 | AI score 7.1 | EPSS 0.00086
Exploits 0 | References 35 | Affected software 4

Veracode, added 2025/09/08 8:57 a.m.

Directory Traversal

Copier is vulnerable to Directory Traversal. The vulnerability is due to safe templates being able to write files outside the destination path using Jinja filters and configuration variables...

CVSS 6.9 | AI score 6.8 | EPSS 0.00068
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/08 8:49 a.m.

Cross-site Scripting (XSS)

librenms/librenms is vulnerable to stored cross-site scripting XSS. The vulnerability is due to malicious JavaScript being allowed in the Alert Template creation feature, which executes when the template is rendered...

CVSS 5.5 | AI score 6 | EPSS 0.00017
Exploits 1 | References 4 | Affected software 1

Veracode, added 2025/09/08 8:33 a.m.

Authentication Bypass

Liferay Portal is vulnerable to Authentication Bypass. The vulnerability is due to improper request method validation: an MFA-enabled login request can be resubmitted as GET instead of POST, which allows attackers to bypass authentication...

CVSS 2 | AI score 7 | EPSS 0.00044
Exploits 1 | References 13 | Affected software 1

Veracode, added 2025/09/08 8:09 a.m.

Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari is vulnerable to Cross-Site WebSocket Hijacking CSWSH. The vulnerability is due to disabled origin checking in the WebSocket upgrader, which allows an attacker to send malicious requests using a victim's browser cookies and achieve remote code execution...

CVSS 8.6 | AI score 7.3 | EPSS 0.00837
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/08 7:35 a.m.

Authorization Bypass

github.com/openfga/openfga is vulnerable to Authorization Bypass. The vulnerability is due to improper enforcement of access control policies during execution of Check and ListObject calls in OpenFGA, which allows an attacker to bypass intended access control and gain unauthorized permissions...

CVSS 9.8 | AI score 6.9 | EPSS 0.00114
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/08 6:54 a.m.

Path Traversal

Copier is vulnerable to Path Traversal. The vulnerability is due to exposing unconstrained pathlib.Path objects in the Jinja context, which allows an attacker to read and write arbitrary files on the filesystem...

CVSS 8.5 | AI score 6.8 | EPSS 0.00058
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/08 6:19 a.m.

Improper Input Validation

@anthropic-ai/claude-code is vulnerable to improper input validation. The vulnerability is due to an overly broad allowlist of safe commands, which allows an attacker to bypass confirmation prompts, read file contents, and exfiltrate them over the network without user confirmation...

CVSS 7.5 | AI score 6.8 | EPSS 0.00137
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/08 5:43 a.m.

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input validation in message board threads and categories, which allows remote authenticated users to inject malicious JavaScript...

CVSS 6.9 | AI score 6.4 | EPSS 0.00048
Exploits 0 | References 8 | Affected software 3

Veracode, added 2025/09/08 4:31 a.m.

Cross-Site Scripting (XSS)

Bootstrap is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of the data-loading-text attribute in the button plugin, which allows an attacker to inject and execute malicious JavaScript when the button's loading state is triggered...

CVSS 6.4 | AI score 6.4 | EPSS 0.00139
Exploits 0 | References 5 | Affected software 1

Veracode, added 2025/09/08 4:07 a.m.

Cross-Site Scripting (XSS)

Bootstrap is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of user input during web page generation, which allows an attacker to inject malicious scripts into the application...

CVSS 5.6 | AI score 6.4 | EPSS 0.00247
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/05 10:30 a.m.

Insecure Direct Object Reference (IDOR)

com.liferay:com.liferay.roles.selector.web is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to improper access control on the _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId parameter, which allows an attacker with organization...

CVSS 4.8 | AI score 7 | EPSS 0.00071
Exploits 0 | References 7 | Affected software 1

Veracode, added 2025/09/05 10:22 a.m.

Symlink Attack

github.com/hashicorp/go-getter is vulnerable to Symlink Attack. The vulnerability is due to the subdirectory download feature allowing symbolic links to escape designated directory boundaries and access unauthorized files...

CVSS 7.5 | AI score 7 | EPSS 0.00051
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/05 10:20 a.m.

Privilege Escalation

github.com/kubernetes-sigs/image-builder is vulnerable to privilege escalation. The vulnerability is due to default root credentials being enabled during the Windows image build process with Nutanix or VMware OVA providers, which allows an attacker with access to the build VM to modify the image...

CVSS 7.5 | AI score 7 | EPSS 0.00071
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/05 10:12 a.m.

Open Redirection

@astrojs/node is vulnerable to Open Redirection. The vulnerability is due to incorrect handling of double slashes with the Node deployment adapter in standalone mode and trailingSlash set to "always", allowing attackers to redirect users to malicious domains...

CVSS 6.9 | AI score 6.9 | EPSS 0.00042
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/05 9:59 a.m.

Path Traversal

org.springframework, spring-webmvc is vulnerable to Path Traversal. The vulnerability is due to improper URI path canonicalization in non-compliant Servlet containers when serving static resources, which allows an attacker to bypass security restrictions and access unauthorized file...

CVSS 5.9 | AI score 7 | EPSS 0.05222
Exploits 0 | References 3 | Affected software 1

Veracode, added 2025/09/05 9:58 a.m.

Sensitive Information Disclosure

@backstage/plugin-scaffolder-backend is vulnerable to Sensitive Information Disclosure. The vulnerability is due to duplicate logging of input values in the fetch:template action, which could expose sensitive data if ${{ secrets.x }} is used as an argument...

CVSS 2.6 | AI score 6.8 | EPSS 0.00053
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/05 9:47 a.m.

Remote Code Execution (RCE)

flowise is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe use of a dynamic Function constructor on user-controlled input, which allows attackers to run arbitrary JavaScript via a crafted POST request...

CVSS 9.8 | AI score 7.6 | EPSS 0.00052
Exploits 0 | References 2 | Affected software 1

Veracode, added 2025/09/05 9:32 a.m.

Reflected Cross-Site Scripting (Reflected XSS)

com.liferay, com.liferay.layout.taglib is vulnerable to reflected cross-site scripting XSS. The vulnerability is due to improper sanitization of user input in the content page's name field, which allows an attacker to inject and execute malicious JavaScript code when a user views the "document Vi...

CVSS 5.4 | AI score 6.7 | EPSS 0.00032
Exploits 0 | References 5 | Affected software 1

Veracode, added 2025/09/05 7:47 a.m.

SQL Injection

apache-superset is vulnerable to SQL Injection. The vulnerability is due to improper enforcement of the DISALLOWED_SQL_FUNCTIONS security feature, which allows an attacker with SQL Lab access to circumvent the denylist using a special inline block and execute restricted SQL functions...

CVSS 6.5 | AI score 7.8 | EPSS 0.0014
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/05 7:17 a.m.

Cross-site Scripting (XSS)

apache-superset is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of chart column labels, which allows an attacker to inject malicious payloads that execute in a victim's browser and potentially lead to session hijacking or arbitrary command...

CVSS 5.4 | AI score 6.3 | EPSS 0.0008
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/05 6:53 a.m.

Information Disclosure

apache-superset is vulnerable to information disclosure. The vulnerability is due to improper exposure of database queries in the /chart/data API response, which allows an attacker to access sensitive schema information such as table names...

CVSS 5.3 | AI score 6.6 | EPSS 0.00329
Exploits 0 | References 4 | Affected software 1

Veracode, added 2025/09/05 6:40 a.m.

OS Command Injection

Flowise is vulnerable to OS Command Injection. The vulnerability is due to minimal authentication and lack of RBAC, combined with default installations running without authentication, which allows an attacker to execute unsandboxed OS commands remotely...

CVSS 9.8 | AI score 7.7 | EPSS 0.83176
Exploits 3 | References 2 | Affected software 1

Veracode, added 2025/09/04 1:34 p.m.

Denial Of Service (DoS)

pypdf is vulnerable to Denial Of Service DoS. The vulnerability is due to uncontrolled resource consumption: a maliciously crafted PDF using repeated FlateDecode filters can exhaust system memory...

CVSS 8.7 | AI score 6.6 | EPSS 0.00164
Exploits 0 | References 5 | Affected software 1

Total number of security vulnerabilities: 38108