apache — airflow In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. 2022-09-02 not yet calculated CVE-2022-38054CONFIRMMLIST apache — airflow In Apache…

advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a segmentation fault. 2022-08-29 not yet calculated CVE-2022-35019MISCMISC advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a segmentation fault. 2022-08-29…

72crm — wukong_crm 72crm 9.0 has an Arbitrary file upload vulnerability. 2022-08-24 not yet calculated CVE-2022-37181MISC 72crm — wukong_crm An issue was discovered in 72crm 9.0. There is a SQL…

activerecord — update_by_case This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records on a single database hit, using a case sql statement…

accusoft — imagegear An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An…

@acrontum — filesystem-template The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. 2022-08-05 not…

@ianwalter/merge — @ianwalter/merge All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead. 2022-07-25 not yet calculated CVE-2021-23397CONFIRM adobe —…

adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability…

adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary…

adminlte — adminlte AdminLTE is a Pi-hole Dashboard for stats and configuration. In affected versions inserting code like `<script>alert(“XSS”)</script>` in the field marked with “Domain to look for” and hitting…