Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
High
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: github
Published: almost 3 years ago
gitea: GSA_kwCzR0hTQS00d3AzLThxOTItbWg4d80pxA
Cross Site Request Forgery in Gitea
Moderate
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: github
Published: almost 3 years ago
gitea: GSA_kwCzR0hTQS04aDhwLXgyODktdnZxcs0pyQ
Gitea displaying raw OpenID error in UI
Critical
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: github
Published: almost 3 years ago
gitea: GSA_kwCzR0hTQS1qcnBnLTM1aHctbTRwOc0ptg
Capture-replay in Gitea
Moderate
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: github
Published: almost 3 years ago
gitea: GSA_kwCzR0hTQS0zNmgyLTk1Z2otdzQ4OM0pvA
Open redirect in Gitea
High
Ecosystems: pypi
Packages: numpy
Source: github
Published: almost 3 years ago
numpy: GSA_kwCzR0hTQS01NTQ1LTJxNnctMmdoNs0c3A
NumPy NULL Pointer Dereference
Moderate
Ecosystems: pypi
Packages: numpy
Source: github
Published: almost 3 years ago
numpy: GSA_kwCzR0hTQS1mN2M3LWo5OWgtYzIyZs0c1w
Buffer Copy without Checking Size of Input in NumPy
Moderate
Ecosystems: packagist
Packages: jsdecena/laracom
Source: github
Published: almost 3 years ago
laracom: GSA_kwCzR0hTQS01cTV3LW1xcDYtZzJnaM0pXg
Unrestricted Upload of File with Dangerous Type in jsdecena/laracom
High
Ecosystems: go
Packages: github.com/casdoor/casdoor
Source: github
Published: almost 3 years ago
casdoor: GSA_kwCzR0hTQS1tMzU4LWc0cnAtNTMzcs0n5A
SQL Injection in Casdoor
Moderate
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 3 years ago
microweber: GSA_kwCzR0hTQS1wcmZmLTZqOHEtdnJ2N80mvw
Cross-site Scripting in microweber
Moderate
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 3 years ago
microweber: GSA_kwCzR0hTQS0zajU4LXA3ODUtZjI3eM0mwA
Cross-site Scripting in microweber
Moderate
Ecosystems: packagist
Packages: getgrav/grav
Source: github
Published: almost 3 years ago
grav: GSA_kwCzR0hTQS03MzV2LXd4NzUteG1tbc0mmg
Cross-site Scripting in grav
High
Ecosystems: npm
Packages: node-fetch
Source: github
Published: almost 3 years ago
node-fetch: GSA_kwCzR0hTQS1yNjgzLWoyeDQtdjg3Z80j_w
node-fetch forwards secure headers to untrusted sites
Moderate
Ecosystems: pypi
Packages: wagtail
Source: github
Published: almost 3 years ago
wagtail: GSA_kwCzR0hTQS14cXhtLTJycG0tMzg4Oc0kJQ
Comment reply notifications sent to incorrect users
High
Ecosystems: npm
Packages: colors
Source: github
Published: almost 3 years ago
colors.js: GSA_kwCzR0hTQS1naDg4LTNweHAtNmZtOM0jtg
Infinite Loop in colors.js
Moderate
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 3 years ago
microweber: GSA_kwCzR0hTQS1tOHJwLXE4MnItYzVtZs0lmQ
Cross-site Scripting in microweber
High
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 3 years ago
microweber: GSA_kwCzR0hTQS03d3Y4LWc5N3ItNDMyaM0llg
Exposure of Sensitive Information to an Unauthorized Actor in microweber
Moderate
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 3 years ago
microweber: GSA_kwCzR0hTQS12Y2dmLXZtcGMtcGg3Oc0lmA
Microweber Incorrect Permission Assignment for Critical Resource vulnerability
High
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 3 years ago
microweber: GSA_kwCzR0hTQS1wNWhqLXh4ZnItcHdjM80lkg
Code Injection in microweber
High
Ecosystems: packagist
Packages: october/system
Source: github
Published: almost 3 years ago
october: GSA_kwCzR0hTQS01aGZqLXI3MjUtd3BjNM0jVg
october/system arbitrary code execution
High
Ecosystems: packagist
Packages: october/system
Source: github
Published: almost 3 years ago
october: GSA_kwCzR0hTQS13djIzLXBmajctMm1qas0jVw
October/System authenticated file write leads to remote code execution
High
Ecosystems: npm
Packages: extend2
Source: github
Published: almost 3 years ago
extend2: GSA_kwCzR0hTQS1nam01LTgzY3ctcDNwMs0h4g
Prototype Pollution in extend2
Moderate
Ecosystems: npm
Packages: markdown-it
Source: github
Published: almost 3 years ago
markdown-it: GSA_kwCzR0hTQS02dmZjLXF2M2YtdnI2Y80hTA
Uncontrolled Resource Consumption in markdown-it
Critical
Ecosystems: npm
Packages: @soketi/soketi
Source: github
Published: almost 3 years ago
soketi: GSA_kwCzR0hTQS0ydzhnLW01ajgtN204N80hSQ
Zalgo-like output that crashes the server
High
Ecosystems: npm
Packages: Colors
Source: github
Published: almost 3 years ago
colors.js: GSA_kwCzR0hTQS01cnFnLWptNGYtY3F4N80hSA
Infinite loop causing Denial of Service in colors
High
Ecosystems: npm
Packages: @soketi/soketi
Source: github
Published: almost 3 years ago
soketi: GSA_kwCzR0hTQS04NmNoLTZ3N3YtdjZ4Zs0hRQ
Denial of Service in soketi
Moderate
Ecosystems: npm
Packages: postcss
Source: github
Published: almost 3 years ago
postcss: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2Nm0tcWo3OC1yd3c1
Regular Expression Denial of Service in postcss
Moderate
Ecosystems: packagist
Packages: getgrav/grav
Source: github
Published: almost 3 years ago
grav: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdyeGMtbXIydy1janB2
Open Redirect in Grav
Moderate
Ecosystems: pypi
Packages: numpy
Source: github
Published: almost 3 years ago
numpy: GSA_kwCzR0hTQS02cDU2LXdwMmgtOWh4cs0c3w
NumPy Buffer Overflow (Disputed)
Moderate
Ecosystems: maven
Packages: org.typelevel:jawn-parser
Source: github
Published: almost 3 years ago
jawn: GSA_kwCzR0hTQS12Yzg5LWhjY2YtcnE1Nc0hAg
Hash collision in typelevel jawn
High
Ecosystems: pypi
Packages: celery
Source: github
Published: almost 3 years ago
celery: GSA_kwCzR0hTQS1xNHhyLXJjOTctbTR4eM0f2w
OS Command Injection in celery
Critical
Ecosystems: cargo
Packages: actix-web
Source: github
Published: almost 3 years ago
actix-web: GSA_kwCzR0hTQS05cWo2LTRyZnEtdm04NM0frg
Out-of-bounds Write in actix-web
High
Ecosystems: cargo
Packages: libpulse-binding
Source: github
Published: almost 3 years ago
pulse-binding-rust: GSA_kwCzR0hTQS1oeGpmLWgybWgtcjZoas0fqw
Use After Free in libpulse-binding
Critical
Ecosystems: cargo
Packages: actix-web
Source: github
Published: almost 3 years ago
actix-web: GSA_kwCzR0hTQS03eDM2LWg2Mnctdnc2Nc0frA
Out-of-bounds Write in actix-web
Critical
Ecosystems: cargo
Packages: actix-web
Source: github
Published: almost 3 years ago
actix-web: GSA_kwCzR0hTQS1mZ2ZtLWhxanctMzI2Nc0frQ
Out-of-bounds Write in actix-web
Critical
Ecosystems: cargo
Packages: flumedb
Source: github
Published: almost 3 years ago
flumedb-rs: GSA_kwCzR0hTQS1wNDZjLXc5bTMtN3FyMs0fqg
Use of Uninitialized Resource in flumedb.
High
Ecosystems: cargo
Packages: libpulse-binding
Source: github
Published: almost 3 years ago
pulse-binding-rust: GSA_kwCzR0hTQS14dmNnLTJxODItcjg3as0fpw
Panic mishandled in libpulse-binding
High
Ecosystems: cargo
Packages: libpulse-binding
Source: github
Published: almost 3 years ago
pulse-binding-rust: GSA_kwCzR0hTQS1qcXB2LWptNG0tODZqOc0fqQ
Use After Free in libpulse-binding
Critical
Ecosystems: cargo
Packages: gfx-auxil
Source: github
Published: almost 3 years ago
gfx: GSA_kwCzR0hTQS1mZjJyLXhwd3EtNndoas0fmA
Use of Uninitialized Resource in gfx-auxil
Critical
Ecosystems: cargo
Packages: sha2
Source: github
Published: almost 3 years ago
hashes: GSA_kwCzR0hTQS1mYzd4LTJjbWMtOGoyZ80fkw
Incorrect hash in sha2
High
Ecosystems: cargo
Packages: tokio
Source: github
Published: almost 3 years ago
tokio: GSA_kwCzR0hTQS1mZzdyLTJnNGotNWNncs0fhg
Race Condition in tokio
High
Ecosystems: go
Packages: github.com/kataras/iris, github.com/kataras/iris/v12
Source: github
Published: almost 3 years ago
iris: GSA_kwCzR0hTQS1qY3hjLXJoNnctd2Y0Oc0eaw
Link Following in Iris
High
Ecosystems: npm
Packages: copy-props
Source: github
Published: almost 3 years ago
copy-props: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5N20tcmpmNS1qcDM5
Prototype Pollution in copy-props
Moderate
Ecosystems: rubygems
Packages: solidus_frontend
Source: github
Published: almost 3 years ago
solidus: GSA_kwCzR0hTQS1oM2ZnLWg1djMtdmY4bc0gsw
CSRF forgery protection bypass in solidus_frontend
Critical
Ecosystems: maven
Packages: org.powernukkit:powernukkit
Source: github
Published: almost 3 years ago
PowerNukkit: GSA_kwCzR0hTQS0zcXBtLWg5Y2gtcHgzY80gtg
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Critical
Ecosystems: go
Packages: github.com/authelia/authelia/v4
Source: github
Published: about 3 years ago
authelia: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4d20tcGZqZi13cXA2
Authelia vulnerable to an authentication bypassed with malformed request URI on nginx
Moderate
Ecosystems: pypi
Packages: numpy
Source: github
Published: about 3 years ago
numpy: GSA_kwCzR0hTQS1mcGZ2LWpxbTktZjVqbc0c3Q
Incorrect Comparison in NumPy
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: github
Published: about 3 years ago
framework: GSA_kwCzR0hTQS1xODY4LWM0dnctcWp4M80czw
ThinkPHP5 SQL Injection vulnerability
High
Ecosystems: go
Packages: github.com/owncast/owncast
Source: github
Published: about 3 years ago
owncast: GSA_kwCzR0hTQS0yaGZqLWN4dzctZzQ1cM0bRg
Unsafe inline XSS in pasting DOM element into chat
Moderate
Ecosystems: maven
Packages: org.apereo.cas:cas-server-core-web
Source: github
Published: about 3 years ago
cas: GSA_kwCzR0hTQS1nZmh4LWpqd3EtNjNnds0Zew
Cross-site Scripting in Apereo CAS
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: github
Published: about 3 years ago
framework: GSA_kwCzR0hTQS0zM2djLTZjdzktdzNnNM0ZXg
Deserialization of Untrusted Data in topthink/framework
Critical
Ecosystems: packagist
Packages: librenms/librenms
Source: github
Published: about 3 years ago
librenms: GSA_kwCzR0hTQS03Mjg5LWNod2otN2g4Ns0ZMg
Path traversal in librenms/librenms
High
Ecosystems: npm
Packages: is-svg
Source: github
Published: about 3 years ago
is-svg: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4ajUtaDVjeC02NWdn
ReDOS in IS-SVG
High
Ecosystems: npm
Packages: strapi
Source: github
Published: about 3 years ago
strapi: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5dnYtNnE3cS13NWNm
OS Command Injection in Strapi
Moderate
Ecosystems: npm
Packages: strapi-admin
Source: github
Published: about 3 years ago
strapi: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzZnAtZm1ydi1mNXB4
Uncontrolled Resource Consumption in strapi
High
Ecosystems: rubygems
Packages: solidus_core
Source: github
Published: about 3 years ago
solidus: GSA_kwCzR0hTQS1xeG1yLXF4aDYtMmNjOc0ZdQ
ReDos vulnerability on guest checkout email validation
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: github
Published: about 3 years ago
framework: GSA_kwCzR0hTQS1xcnZqLTI3NGgtaGZjZ80ZRw
Deserialization of Untrusted Data in topthink/framework
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: github
Published: about 3 years ago
librenms: GSA_kwCzR0hTQS01dnI2LWhtNjgtNWo5cM0YwQ
Cross-site Scripting in LibreNMS
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: github
Published: about 3 years ago
librenms: GSA_kwCzR0hTQS00Z3doLTJwcXgtZjVjY80Ywg
Cross-site Scripting in LibreNMS
Moderate
Ecosystems: npm
Packages: hexo
Source: github
Published: about 3 years ago
hexo: GSA_kwCzR0hTQS1xNTRyLXI5cHItdzdxds0Ylg
Hexo Vulnerable to XSS
Moderate
Ecosystems: npm
Packages: validator
Source: github
Published: about 3 years ago
validator.js: GSA_kwCzR0hTQS14eDRjLWpqNTgtcjd4Ns0W8g
Inefficient Regular Expression Complexity in Validator.js
Critical
Ecosystems: rubygems
Packages: solidus_core
Source: github
Published: about 3 years ago
solidus: GSA_kwCzR0hTQS01NjI5LTg4NTUtZ2Y0Z80XUQ
Authentication Bypass by CSRF Weakness
High
Ecosystems: nuget
Packages: Piranha
Source: github
Published: about 3 years ago
piranha.core: GSA_kwCzR0hTQS1wcHE3LTg4YzctcTg3Oc0XVw
Cross-Site Request Forgery in PiranhaCMS
Critical
Ecosystems: packagist
Packages: doctrine/dbal
Source: github
Published: about 3 years ago
dbal: GSA_kwCzR0hTQS1yN2NqLThoamcteDYyMs0XOw
DBAL 3 SQL Injection Security Vulnerability
High
Ecosystems: packagist
Packages: getgrav/grav
Source: github
Published: about 3 years ago
grav: GSA_kwCzR0hTQS04YzVwLTQzNjItOTMzM80W8w
Path traversal in grav
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: github
Published: about 3 years ago
librenms: GSA_kwCzR0hTQS00NnJ4LTZqZzktNGZoOM0W5w
Cross-site Scripting in LibreNMS
Low
Ecosystems: npm
Packages: bootstrap-table
Source: github
Published: about 3 years ago
bootstrap-table: GSA_kwCzR0hTQS1tdzZxLTk4bXAtZzhnOM0W5Q
Cross-site Scripting in bootstrap-table
Moderate
Ecosystems: npm
Packages: validator
Source: github
Published: about 3 years ago
validator.js: GSA_kwCzR0hTQS1xZ21nLWdwcGctNzZnNc0W1g
Inefficient Regular Expression Complexity in validator.js
Critical
Ecosystems: packagist
Packages: modx/revolution
Source: github
Published: about 3 years ago
revolution: GSA_kwCzR0hTQS12aGZwLTl3dmotZ3d2Z80WyA
XML External Entity vulnerability in MODX CMS
Moderate
Ecosystems: packagist
Packages: getgrav/grav
Source: github
Published: about 3 years ago
grav: GSA_kwCzR0hTQS01anhjLWhtcWYtM2Y3M80Www
Cross-Site Scripting in grav
Moderate
Ecosystems: nuget
Packages: Piranha
Source: github
Published: about 3 years ago
piranha.core: GSA_kwCzR0hTQS1qdmpwLXZoMjctcjloNc0Wug
Cross-site Scripting in PiranhaCMS
High
Ecosystems: npm
Packages: ua-parser-js
Source: github
Published: about 3 years ago
ua-parser-js: GSA_kwCzR0hTQS1wandtLXJ2aDItYzg3d80Wrw
Embedded malware in ua-parser-js
Critical
Ecosystems: pypi
Packages: omero-web, omero-figure
Source: github
Published: about 3 years ago
omero-web: GSA_kwCzR0hTQS1nNjdnLWh2YzMteG12Zs0WkA
Inconsistent input sanitisation leads to XSS vectors
Moderate
Ecosystems: npm
Packages: electron
Source: github
Published: about 3 years ago
electron: GSA_kwCzR0hTQS1tcGptLXY5OTctYzRoNM0WiQ
Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API
High
Ecosystems: pypi
Packages: mkdocs
Source: github
Published: about 3 years ago
mkdocs: GSA_kwCzR0hTQS1xaDlxLTM0aDYtaGN2Oc0WYQ
Directory traversal in mkdocs
High
Ecosystems: npm
Packages: rsshub
Source: github
Published: about 3 years ago
RSSHub: GSA_kwCzR0hTQS1wZ2pqLTg2NnctZmM1Y80WeQ
Risk of code injection
High
Ecosystems: npm
Packages: strapi
Source: github
Published: about 3 years ago
strapi: GSA_kwCzR0hTQS0zN2h4LTRtY3Etd2MzaM0WMQ
Weak Password Recovery Mechanism for Forgotten Password in Strapi
High
Ecosystems: packagist
Packages: october/system, october/october
Source: github
Published: about 3 years ago
october: GSA_kwCzR0hTQS02Z2pmLTd3OTktajd4N80WOA
Deleted Admin Can Sign In to Admin Interface
High
Ecosystems: pypi
Packages: cobbler
Source: github
Published: about 3 years ago
cobbler: GSA_kwCzR0hTQS1jcjNmLXIyNGotM2Nod80WIw
Cobbler before 3.3.0 allows authorization bypass for modification of settings.
High
Ecosystems: pypi
Packages: cobbler
Source: github
Published: about 3 years ago
cobbler: GSA_kwCzR0hTQS1jcHFmLTNjM3ItYzlnMs0WIg
Cobbler before 3.3.0 allows log poisoning
High
Ecosystems: pypi
Packages: cobbler
Source: github
Published: about 3 years ago
cobbler: GSA_kwCzR0hTQS00Y2ZyLWdqZngtZmozeM0WIQ
Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
Critical
Ecosystems: packagist
Packages: topthink/thinkphp
Source: github
Published: about 3 years ago
thinkphp: GSA_kwCzR0hTQS1tN2g1LWZqanEtNTU5Zs0WEg
SQL Injection in topthink/thinkphp
High
Ecosystems: npm
Packages: parse-server
Source: github
Published: about 3 years ago
parse-server: GSA_kwCzR0hTQS03cHIzLXA1Zm0tOHI5eM0WDw
LiveQuery publishes user session tokens in parse-server
Moderate
Ecosystems: packagist
Packages: getgrav/grav
Source: github
Published: about 3 years ago
grav: GSA_kwCzR0hTQS1jZzNxLTU5dzctcnZjMs0WBA
Reliance on Cookies without Validation and Integrity Checking in getgrav/grav
Moderate
Ecosystems: go
Packages: code.gitea.io/gitea
Source: github
Published: about 3 years ago
gitea: GSA_kwCzR0hTQS1nOTVwLTg4cDQtNzZjbc0V_w
Cross-site Scripting in Gitea
Moderate
Ecosystems: npm
Packages: ghost
Source: github
Published: about 3 years ago
Ghost: GSA_kwCzR0hTQS02NXA3LXBqajgtZ2dtcs0V-w
Member account takeover
Critical
Ecosystems: npm
Packages: @asyncapi/modelina
Source: github
Published: about 3 years ago
modelina: GSA_kwCzR0hTQS00amcyLTg0YzItcGo5Nc0V7A
Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina
High
Ecosystems: npm
Packages: semver-regex
Source: github
Published: over 3 years ago
semver-regex: GSA_kwCzR0hTQS00NGM2LTR2MjItNG1oeM0VyQ
semver-regex Regular Expression Denial of Service (ReDOS)
Moderate
Ecosystems: npm
Packages: ghost
Source: github
Published: over 3 years ago
Ghost: GSA_kwCzR0hTQS13ZnJqLXFxYzItODNjbc0V0g
Remote command injection when using sendmail email transport
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: github
Published: over 3 years ago
librenms: GSA_kwCzR0hTQS0ycjJ3LWpyaDItcDRncs0Vqw
Cross-site Scripting in LibreNMS
Critical
Ecosystems: packagist
Packages: intelliants/subrion
Source: github
Published: over 3 years ago
subrion: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxNDQtZ2Z2cS02Zzkz
SQL Injection in Subrion CMS
High
Ecosystems: packagist
Packages: librenms/librenms
Source: github
Published: over 3 years ago
librenms: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjMzMtMzQ2NS1maHgy
Exposure of Resource to Wrong Sphere in LibreNMS
Moderate
Ecosystems: packagist
Packages: lavalite/cms
Source: github
Published: over 3 years ago
cms: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5MnYtN2ZybS1oNDRx
Cross-site scripting in LavaLite-CMS
High
Ecosystems: maven
Packages: org.geysermc:connector
Source: github
Published: over 3 years ago
Geyser: GSA_kwCzR0hTQS1oNzdmLXh4eDctNDg1OM0VmQ
User impersonation due to incorrect handling of the login JWT
Critical
Ecosystems: npm
Packages: parse-server
Source: github
Published: over 3 years ago
parse-server: GSA_kwCzR0hTQS01OTN2LXdjcXgtaHEyd80Vlw
Incorrect version tags linked to external repository
High
Ecosystems: npm
Packages: immer
Source: github
Published: over 3 years ago
immer: GSA_kwCzR0hTQS1jMzZ2LWZtZ3EtbThoeM0Vlg
Prototype Pollution in immer
Moderate
Ecosystems: npm
Packages: isomorphic-git
Source: github
Published: over 3 years ago
isomorphic-git: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZneHEtcDQ5Zi1xdzk5
Directory Traversal in isomorphic-git
Critical
Ecosystems: npm
Packages: immer
Source: github
Published: over 3 years ago
immer: GSA_kwCzR0hTQS0zM2Y5LWo4MzktcmY4aM0VjA
Prototype Pollution in immer
High
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: github
Published: over 3 years ago
dolibarr: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqcWctdzhnNi1oaHE4
Dolibarr vulnerable to Improper Authentication and Improper Access Control
Moderate
Ecosystems: pypi
Packages: pywb
Source: github
Published: over 3 years ago
pywb: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0N3gtcHY0Ny1wcDNx
Cross-site scripting in pywb
High
Ecosystems: packagist
Packages: billz/raspap-webgui
Source: github
Published: over 3 years ago
raspap-webgui: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd2cGgtcDYzNC12cnFm
Command Injection in RaspAP 2.6.6