Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-9gjv-jvm7-vv2v
  • PyPI/gramps-webapi
 Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users 9 minutes ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-cm8v-2vh9-cxf3
  • npm/openclaw
 OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant) 9 minutes ago
  • Fix available
  • Severity - 2.0 (Low)
GHSA-9hfr-gw99-8rhx
  • RubyGems/bsv-sdk
 bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts 10 minutes ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-hc36-c89j-5f4j
  • RubyGems/bsv-sdk
  • RubyGems/bsv-wallet
 bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths) 10 minutes ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-95h2-gj7x-gx9w
  • npm/unhead
 Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe() 10 minutes ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-394w-hwhg-8vgm
  • crates.io/wasmtime
 Wasmtime has out-of-bounds write or crash when transcoding component model strings 14 minutes ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-6wgr-89rj-399p
  • crates.io/wasmtime
 Wasmtime has data leakage between pooling allocator instances 14 minutes ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-hfr4-7c6c-48w2
  • crates.io/wasmtime
 Wasmtime has use-after-free bug after cloning `wasmtime::Linker` 14 minutes ago
  • Fix available
  • Severity - 1.0 (Low)
GHSA-jhxm-h53p-jm7w
  • crates.io/wasmtime
 Wasmtime: Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift 15 minutes ago
  • Fix available
  • Severity - 9.0 (Critical)
GHSA-q49f-xg75-m9xw
  • crates.io/wasmtime
 Wasmtime has host panic when Winch compiler executes `table.fill` 15 minutes ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-m9w2-8782-2946
  • crates.io/wasmtime
 Wasmtime has host data leakage with 64-bit tables and Winch 15 minutes ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-qqfj-4vcm-26hv
  • crates.io/wasmtime
 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64 15 minutes ago
  • Fix available
  • Severity - 4.1 (Medium)
GHSA-m758-wjhj-p3jq
  • crates.io/wasmtime
 Wasmtime has a possible panic when lifting `flags` component value 15 minutes ago
  • Fix available
  • Severity - 5.6 (Medium)
GHSA-jxhv-7h78-9775
  • crates.io/wasmtime
 Wasmtime: Panic when transcoding misaligned utf-16 strings 16 minutes ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-hx6p-xpx3-jvvv
  • crates.io/wasmtime
 Wasmtime: Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding 16 minutes ago
  • Fix available
  • Severity - 6.9 (Medium)
CGA-fv65-7rh5-28p4
  • Chainguard/frankenphp-8.3
  • Chainguard/frankenphp-8.5
 See record for full details 37 minutes ago
  • Fix available
Load more...