Every1's a fraud 'cuz they pick & choose what they show.

CVE-2022-21687: DSN Injection in gh-ost

gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability.
Read more ⟶

CVE-2021-45459: OS Command Injection in node-windows

node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.
Read more ⟶

CVE-2021-44686: Regular Expression Denial-of-Service (ReDoS) in calibre

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service).
Read more ⟶

CVE-2021-44685: OS Command Injection in Git-it

Git-it through 4.4.0 allows OS command injection.
Read more ⟶

CVE-2021-44684: OS Command Injection in github-todos

github-todos 3.1.0 is vulnerable to command injection.
Read more ⟶