Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2025-192692
  • npm/@vienna_cancer_center_portal/js
Malicious code in @vienna_cancer_center_portal/js (npm) 33 minutes ago
  • No fix available
MAL-2025-192693
  • npm/airslate-dep-webpack
Malicious code in airslate-dep-webpack (npm) 33 minutes ago
  • No fix available
MAL-2025-192694
  • npm/dc-extras
Malicious code in dc-extras (npm) 33 minutes ago
  • No fix available
MAL-2025-192695
  • npm/ivx-cloud-client-v1
Malicious code in ivx-cloud-client-v1 (npm) 33 minutes ago
  • No fix available
MAL-2025-192696
  • npm/mui-wrapper-core
Malicious code in mui-wrapper-core (npm) 33 minutes ago
  • No fix available
MAL-2025-192697
  • npm/mw-frontend-utils
Malicious code in mw-frontend-utils (npm) 33 minutes ago
  • No fix available
MAL-2025-192698
  • npm/ro-mobile
Malicious code in ro-mobile (npm) 33 minutes ago
  • No fix available
GHSA-rchf-xwx2-hm93
  • npm/@fedify/fedify
Fedify has ReDoS Vulnerability in HTML Parsing Regex 1 hour ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-54mj-vcvj-q3v5
  • NuGet/Umbraco.Cms
Umbraco CMS has an arbitrary file upload vulnerability 1 hour ago
  • No fix available
  • Severity - 5.8 (Medium)
MAL-2025-192691
  • npm/cloudy-uvi-sense-v11
Malicious code in cloudy-uvi-sense-v11 (npm) 2 hours ago
  • No fix available
GHSA-428g-f7cq-pgp5
  • PyPI/marshmallow
Marshmallow has DoS in Schema.load(many) 2 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-c4p6-qg4m-9jmr
  • Go/github.com/kedacore/keda/v2
KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential 2 hours ago
  • Fix available
  • Severity - 8.2 (High)
GO-2025-4241
  • Go/github.com/RedHatInsights/runtimes-inventory-operator
Misconfigured Internal Proxy in runtimes-inventory-rhel8-operator Grants Standard Users Full Cluster Administrator Access in github.com/RedHatInsights/runtimes-inventory-operator 4 hours ago
  • No fix available
GO-2025-4242
  • Go/github.com/redhat-developer/gitops-operator
OpenShift GitOps authenticated attackers can obtain cluster root access through forged ArgoCD custom resources in github.com/redhat-developer/gitops-operator 4 hours ago
  • No fix available
GO-2025-4243
  • Go/github.com/abhinavxd/libredesk
Libredesk has Improper Neutralization of HTML Tags in a Web Page in github.com/abhinavxd/libredesk 4 hours ago
  • No fix available
GO-2025-4244
  • Go/github.com/emiago/sipgo
SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference in github.com/emiago/sipgo 4 hours ago
  • Fix available