Recent
NanoMQ has a Use After Free vulnerability via sub info list
Published 2025-12-27 by GitHub_M
1-click Remote Code Execution (RCE) vulnerability in Eigent
Published 2025-12-27 by GitHub_M
SiYuan: Information Disclosure and Authentication Bypass via Hardcoded Session Secret
Published 2025-12-27 by GitHub_M
Improper Neutralization of HTML Tags in a Web Page in libredesk
Published 2025-12-27 by GitHub_M
ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling
Published 2025-12-26 by GitHub_M
ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling
Published 2025-12-26 by GitHub_M
FreshRSS globally denies access to feed via proxy modifying to 429 Retry-After
Published 2025-12-26 by GitHub_M
FreshRSS has weak cryptographic randomness in remember-me token and nonce generation
Published 2025-12-26 by GitHub_M
StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection
Published 2025-12-26 by GitHub_M
lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()
Published 2025-12-26 by GitHub_M
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write
Published 2025-12-26 by GitHub_M
n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node
Published 2025-12-26 by GitHub_M
n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox
Published 2025-12-26 by GitHub_M
apidoc-core - prototype pollution in api_group.js, api_param_title.js, api_use.js, and api_permission.js worker
Published 2025-12-26 by Sonatype
Time-of-check Time-of-use (TOCTOU) in IBM Concert Software.
Published 2025-12-26 by ibm
XSS in IBM Aspera Faspex
Published 2025-12-26 by ibm
Exposure of Sensitive System Information to an Unauthorized Control Sphere in IBM Aspera Faspex
Published 2025-12-26 by ibm
Incorrect Execution-Assigned Permissions in IBM Aspera Faspex
Published 2025-12-26 by ibm
Missing Authorization with the DS8900F and DS8A00 Hardware Management Console
Published 2025-12-26 by ibm
Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center
Published 2025-12-26 by ibm
Authentication bypass in IBM API Connect
Published 2025-12-26 by ibm
IBM Concert Software Improper Restriction of Operations within the Bounds of a Memory Buffer.
Published 2025-12-26 by ibm
BM Concert Software Improper Clearing of Heap Memory Before Release.
Published 2025-12-26 by ibm
Published 2025-12-26 by Eaton
Published 2025-12-26 by Eaton
Published 2025-12-26 by Eaton
DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information
Published 2025-12-26 by Deltaww
Improper Input Validation
Published 2025-12-26 by Hanwha_Vision
Hardcoding sensitive information
Published 2025-12-26 by Hanwha_Vision
Improper Input Validation
Published 2025-12-26 by Hanwha_Vision
Published 2025-12-26 by mitre
Inadequate account permissions management
Published 2025-12-26 by Hanwha_Vision
Insufficient certificate validation
Published 2025-12-26 by Hanwha_Vision
simstudioai sim CRON Secret internal.ts improper authentication
Published 2025-12-26 by VulDB
Published 2025-12-26 by mitre
Published 2025-12-26 by mitre
Published 2025-12-26 by mitre
YunaiV yudao-cloud Business Process Management BpmSyncHttpRequestTrigger server-side request forgery
Published 2025-12-26 by VulDB
Published 2025-12-26 by mitre
Alteryx Server status improper authentication
Published 2025-12-26 by VulDB
Published 2025-12-26 by mitre
Published 2025-12-26 by mitre
Published 2025-12-26 by mitre
postmanlabs httpbin core.py cross site scripting
Published 2025-12-26 by VulDB
sunkaifei FlyCMS User Login UserController.java userLogin cross site scripting
Published 2025-12-26 by VulDB
Published 2025-12-26 by mitre
sunkaifei FlyCMS Admin Login IndexAdminController.java cross site scripting
Published 2025-12-26 by VulDB
UTT 进取 512W ConfigExceptMSN strcpy buffer overflow
Published 2025-12-26 by VulDB
Published 2025-12-26 by mitre
Published 2025-12-26 by mitre
Load more ↓