Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2025-192692
  • npm/@vienna_cancer_center_portal/js
 Malicious code in @vienna_cancer_center_portal/js (npm) 33 minutes ago
  • No fix available
MAL-2025-192693
  • npm/airslate-dep-webpack
 Malicious code in airslate-dep-webpack (npm) 33 minutes ago
  • No fix available
MAL-2025-192694
  • npm/dc-extras
 Malicious code in dc-extras (npm) 33 minutes ago
  • No fix available
MAL-2025-192695
  • npm/ivx-cloud-client-v1
 Malicious code in ivx-cloud-client-v1 (npm) 33 minutes ago
  • No fix available
MAL-2025-192696
  • npm/mui-wrapper-core
 Malicious code in mui-wrapper-core (npm) 33 minutes ago
  • No fix available
MAL-2025-192697
  • npm/mw-frontend-utils
 Malicious code in mw-frontend-utils (npm) 33 minutes ago
  • No fix available
MAL-2025-192698
  • npm/ro-mobile
 Malicious code in ro-mobile (npm) 33 minutes ago
  • No fix available
GHSA-rchf-xwx2-hm93
  • npm/@fedify/fedify
 Fedify has ReDoS Vulnerability in HTML Parsing Regex 1 hour ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-54mj-vcvj-q3v5
  • NuGet/Umbraco.Cms
 Umbraco CMS has an arbitrary file upload vulnerability 1 hour ago
  • No fix available
  • Severity - 5.8 (Medium)
MAL-2025-192691
  • npm/cloudy-uvi-sense-v11
 Malicious code in cloudy-uvi-sense-v11 (npm) 2 hours ago
  • No fix available
GHSA-428g-f7cq-pgp5
  • PyPI/marshmallow
 Marshmallow has DoS in Schema.load(many) 2 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-c4p6-qg4m-9jmr
  • Go/github.com/kedacore/keda/v2
 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential 2 hours ago
  • Fix available
  • Severity - 8.2 (High)
GO-2025-4241
  • Go/github.com/RedHatInsights/runtimes-inventory-operator
 Misconfigured Internal Proxy in runtimes-inventory-rhel8-operator Grants Standard Users Full Cluster Administrator Access in github.com/RedHatInsights/runtimes-inventory-operator 4 hours ago
  • No fix available
GO-2025-4242
  • Go/github.com/redhat-developer/gitops-operator
 OpenShift GitOps authenticated attackers can obtain cluster root access through forged ArgoCD custom resources in github.com/redhat-developer/gitops-operator 4 hours ago
  • No fix available
GO-2025-4243
  • Go/github.com/abhinavxd/libredesk
 Libredesk has Improper Neutralization of HTML Tags in a Web Page in github.com/abhinavxd/libredesk 4 hours ago
  • No fix available
GO-2025-4244
  • Go/github.com/emiago/sipgo
 SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference in github.com/emiago/sipgo 4 hours ago
  • Fix available
Load more...