FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover
FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
FlowiseAI: Vector Store No Permission Checks
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This vulnerabilit...
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU, making those requests fail and denying service to other users. This vulnerability is fixed in 1.152.1.
n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints
n8n Has a Source Control Pull SQL Injection
n8n Has an XML Node Prototype Pollution Patch Bypass
n8n Has an Arbitrary File Read via Git Node
n8n: HTTP Request Node Pagination Prototype Pollution to RCE
pyzipper has an encryption bypass for small files encrypted using it
wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
DataHub is an open-source metadata platform. Prior to 1.5.0.3, the DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the OIDC callback flow, with no integrity protection (no HMAC, no encryption). This is a Deserialization...
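The DataHub entry above describes the classic shape of this bug class: a serialized Java object is read back from a cookie the client controls, with nothing binding the cookie to the server that issued it. The following is an added, generic illustration and is not DataHub's code; the class, method and cookie names are hypothetical, and the key is a placeholder. It places the unsafe pattern (ObjectInputStream over raw cookie bytes) beside a hardened one that carries only a string, authenticates it with HMAC-SHA256, and still validates the redirect target after the MAC check.

```java
import java.io.ByteArrayInputStream;
import java.io.ObjectInputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class RedirectCookieDemo {
    // Placeholder key for the illustration; a real deployment loads it from a secret store.
    private static final byte[] KEY = "replace-with-32-random-bytes".getBytes(StandardCharsets.UTF_8);

    // Unsafe pattern: whoever sets the cookie chooses which classes get instantiated
    // and which readObject() methods run. Shown only to contrast with the version below.
    static Object vulnerableRead(String cookieValue) throws Exception {
        byte[] raw = Base64.getDecoder().decode(cookieValue);
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(raw))) {
            return in.readObject();
        }
    }

    // Hardened pattern, step 1: the server issues "base64url(url).base64url(hmac)".
    // No object graph is ever serialized, so there is nothing for a gadget chain to attach to.
    static String issueRedirectCookie(String redirectUrl) throws Exception {
        String p = Base64.getUrlEncoder().withoutPadding()
                .encodeToString(redirectUrl.getBytes(StandardCharsets.UTF_8));
        String sig = Base64.getUrlEncoder().withoutPadding()
                .encodeToString(hmac(p.getBytes(StandardCharsets.UTF_8)));
        return p + "." + sig;
    }

    // Hardened pattern, step 2: verify the MAC in constant time, then validate the value.
    static String readRedirectCookie(String cookieValue) throws Exception {
        int dot = cookieValue.lastIndexOf('.');
        if (dot < 0) throw new SecurityException("malformed cookie");
        String p = cookieValue.substring(0, dot);
        byte[] got = Base64.getUrlDecoder().decode(cookieValue.substring(dot + 1));
        byte[] want = hmac(p.getBytes(StandardCharsets.UTF_8));
        if (!MessageDigest.isEqual(got, want)) throw new SecurityException("bad cookie signature");
        String url = new String(Base64.getUrlDecoder().decode(p), StandardCharsets.UTF_8);
        // A valid MAC only proves the server issued the value; still refuse off-origin targets.
        if (!url.startsWith("/") || url.startsWith("//") || url.startsWith("/\\")) {
            throw new SecurityException("redirect target not on this origin");
        }
        return url;
    }

    private static byte[] hmac(byte[] data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(KEY, "HmacSHA256"));
        return mac.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        String cookie = issueRedirectCookie("/dashboard?tab=1");
        System.out.println("accepted: " + readRedirectCookie(cookie));

        // Flip the last character of the signature to simulate tampering.
        char last = cookie.charAt(cookie.length() - 1);
        String tampered = cookie.substring(0, cookie.length() - 1) + (last == 'A' ? 'B' : 'A');
        try {
            readRedirectCookie(tampered);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The point of the contrast is that an HMAC alone does not fix the unsafe version: a MAC over a serialized object still lets a stolen or replayed server-issued blob reach ObjectInputStream. The durable fix is to stop deserializing objects from client-held state altogether and authenticate a plain value, as the hardened path does.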
wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, which are used to manage sketches and analyses. Sketches have controllable graphs, which are comprised of...
@apostrophecms/cli: Command Injection in apos create via Unsanitized Password Input
soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on the...
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2.
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution (LCE) with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly ru...