Alerts

A vulnerability was found in donglight bookstore???????? 1.0.0. It has been declared as problematic. This vulnerability affects the function BookSearchList of the file...

A vulnerability was found in donglight bookstore???????? 1.0.0. It has been rated as problematic. This issue affects the function updateUser of the file...

There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the...

There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code

There is a denial of service vulnerability in the header parsing component of Rack.

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.

The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC...

ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning...

A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response...

A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar....