Every1's a fraud 'cuz they pick & choose what they show.
CVE-2023-23596: OS Command Injection in Nginx Proxy Manager
• An OS command injection vulnerability exists in versions of Nginx Proxy Manager prior to 2.9.19.
CVE-2023-22493: Server Side Request Forgery (SSRF) in RSSHub
• RSSHub is vulnerable to SSRF attacks. An attacker can send arbitrary HTTP requests from the server to other servers or resources on the network.
CVE-2022-3023: DSN Injection in TiDB Server Importer
• TiDB server (importer CLI tool) prior to version 6.4.0 & 6.1.3 is vulnerable to data source name injection. The database name for generating...
CVE-2022-29256: OS Command Injection in sharp
• sharp prior to version 0.30.4 is vulnerable to OS command injection. The PKG_CONFIG_PATH environment variable is used to install...
CVE-2022-23942: Hard-coded Credentials in Apache Doris
• Apache Doris uses a hardcoded key and IV to initialize the cipher used for the LDAP password, which may lead to information disclosure.