Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-f686-hw9c-xw9c
  • Maven/net.snowflake:snowflake-jdbc
Snowflake JDBC Security Advisory 16 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-7mqj-xgf8-p59v
  • Maven/org.apache.nifi:nifi-web-ui
Apache NiFi Cross-site Scripting vulnerability yesterday
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-j945-c44v-97g6
  • Maven/net.sf.mpxj:mpxj
  • RubyGems/mpxj
  • PyPI/mpxj
  • NuGet/net.sf.mpxj
  • NuGet/net.sf.mpxj-for-csharp
  • NuGet/net.sf.mpxj-for-vb
  • NuGet/MPXJ.Net
MPXJ has a Potential Path Traversal Vulnerability 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-c4q5-6c82-3qpw
  • Maven/org.springframework.security:spring-security-web
Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications 2 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-qfwq-6jh6-8xx4
  • Maven/org.openrefine:openrefine
OpenRefine has a path traversal in LoadLanguageCommand 6 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-3pg4-qwc8-426r
  • Maven/org.openrefine:openrefine
OpenRefine leaks Google API credentials in releases 6 days ago
  • Fix available
GHSA-mpcw-3j5p-p99x
  • Maven/org.openrefine.dependencies:butterfly
Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE) 6 days ago
  • Fix available
GHSA-3p8v-w8mr-m3x8
  • Maven/org.openrefine.dependencies:butterfly
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses 6 days ago
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-j8hp-f2mj-586g
  • Maven/org.openrefine:openrefine
OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project 6 days ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-87cf-j763-vvh8
  • Maven/org.openrefine:database
OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE) 6 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-79jv-5226-783f
  • Maven/org.openrefine:openrefine
OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand 6 days ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-3jm4-c6qf-jrh3
  • Maven/org.openrefine:main
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF) 6 days ago
  • Fix available
  • Severity - 7.6 (High)
GHSA-pw3x-c5vp-mfc3
  • Maven/org.openrefine:extensions
OpenRefine has a reflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt) 6 days ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-jmrf-85g8-x8xv
  • Maven/org.apache.syncope.client:syncope-client-console
Apache Syncope: Stored XSS in Console and Enduser 6 days ago
  • No fix available
  • Severity - 5.1 (Medium)
GHSA-4gc7-5j7h-4qph
  • Maven/org.springframework:spring-context
Spring Framework DataBinder Case Sensitive Match Exception 18 Oct
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-h7w9-c5vx-x7j3
  • Maven/org.apache.solr:solr
Insecure Default Initialization of Resource vulnerability in Apache Solr 16 Oct
  • Fix available
  • Severity - 8.1 (High)