CVE-2021-23385

This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an ar ...

CVE-2020-28451

This affects the package image-tiler before 2.0.2.

CVE-2020-7795

The package get-npm-package-version before 1.0.7 is vulnerable to Command Injection via the main function in index.js.

CVE-2020-28423

This affects all versions of package monorepo-build.

CVE-2022-34618

A stored cross-site scripting (XSS) vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field.

CVE-2022-34613

Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file.

CVE-2022-29154

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are s ...

CVE-2022-35223

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserializati ...


CVSS3 - CRITICAL
