Every1's a fraud 'cuz they pick & choose what they show.

CVE-2024-39316: Regular Expression Denial-of-Service (ReDoS) in Rack

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Rack::Request::Helpers module when parsing HTTP Accept headers.

CVE-2023-35844: Arbitrary File Read in Lightdash

Lightdash version <= 0.506.4 is vulnerable to a path traversal attack, allowing an attacker to access arbitrary files on the server.

CVE-2023-35843: Arbitrary File Read in NocoDB

The NocoDB application version <= 0.106.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating...

CVE-2023-23596: OS Command Injection in Nginx Proxy Manager

An OS command injection vulnerability exists in versions of Nginx Proxy Manager prior to 2.9.19.

CVE-2023-22493: Server Side Request Forgery (SSRF) in RSSHub

RSSHub is vulnerable to SSRF attacks, allowing an attacker to send arbitrary HTTP requests from the server to other servers or resources on the network.