FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover
FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
FlowiseAI: Vector Store No Permission Checks
Synapse pagination Denial of Service
Synapse CPU starvation (Denial of Service)
n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints
n8n Has a Source Control Pull SQL Injection
n8n Has an XML Node Prototype Pollution Patch Bypass
n8n Has an Arbitrary File Read via Git Node
n8n: HTTP Request Node Pagination Prototype Pollution to RCE
pyzipper has an encryption bypass for small files encrypted using it
wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the OIDC callback flow, with no integrity protection (no HMAC, no encryption). This is a Deserialization...
wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, which are used to manage sketches and analyses. Sketches have controllable graphs, which are comprised of...
@apostrophecms/cli: Command Injection in apos create via Unsanitized Password Input
soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on the...
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2.