Every1's a fraud 'cuz they pick & choose what they show.

CVE-2022-29256: OS Command Injection in sharp

sharp prior to version 0.30.4 is vulnerable to OS command injection. The PKG_CONFIG_PATH environment variable is used to install...

CVE-2022-23942: Hard-coded Credentials in Apache Doris

Apache Doris uses a hardcoded key and IV to initialize the cipher used for the LDAP password, which may lead to information disclosure.

CVE-2022-21687: DSN Injection in gh-ost

gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability.

CVE-2021-45459: OS Command Injection in node-windows

node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.

CVE-2021-44686: Regular Expression Denial-of-Service (ReDoS) in calibre

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service).