Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose l...
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a timing side-channel vulnerability in the pas...
--- title: Cross-Tenant Legacy Correlation Disclosure and Deletion draft: false hero: image: /static/img/heros/hero-legal2.svg content: "# Cros...
In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.n...
HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such i...
Mattermost versions 10.11.x
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application d...
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from c...
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
