Aikido Vulnerability Database

A curated feed that complements NVD and GitHub's Advisory Database

Human verified & human-readable
358 vulnerabilities found and growing
Critical
AIKIDO-2024-10347
jsonpath-plus is vulnerable to Remote code execution in versions 0.1.0 - 10.0.3.
October 17, 2024
High Risk
AIKIDO-2024-10346
electron is vulnerable to Type Confusion in versions 31.0.0 - 31.7.0 and 32.0.0 - 32.2.0.
October 17, 2024
Critical
AIKIDO-2024-10345
jsonpath-plus is vulnerable to Remote code execution in versions 0.1.0 - 10.0.0.
October 16, 2024
Low Risk
AIKIDO-2024-10344
github.com/wneessen/go-mail is vulnerable to Insertion of Sensitive Information into Log File in versions 0.1.0 - 0.5.0.
October 16, 2024
Critical
AIKIDO-2024-10343
craftcms/cms is vulnerable to Improper Privilege Management in versions 4.0.0 - 4.12.6 and 5.0.0 - 5.4.7.1.
October 16, 2024
Low Risk
AIKIDO-2024-10342
@backstage/backend-defaults is vulnerable to Accidental exposure of sensitive info possible in versions 0.1.0 - 0.5.0.
October 15, 2024
Low Risk
AIKIDO-2024-10341
@syncfusion/ej2-documenteditor is vulnerable to Cross-site Scripting (XSS) in versions 26.2.4 - 27.1.52.
October 15, 2024
Medium Risk
AIKIDO-2024-10340
mysql-connector-python is vulnerable to SQL Injection in versions 8.3.0 - 9.0.0.
October 15, 2024
Low Risk
AIKIDO-2024-10339
github.com/hashicorp/consul is vulnerable to Cross-site Scripting (XSS) in versions 1.9.0 - 1.19.2.
October 15, 2024
Medium Risk
AIKIDO-2024-10338
datadog/dd-trace is vulnerable to DoS possible due to memory leak or race condition in versions 0.1.0 - 1.3.2.
October 15, 2024
Low Risk
AIKIDO-2024-10337
libarchive.libarchive is vulnerable to DoS possible due to improper check for exceptional conditions in versions 3.0.0a - 3.7.6.
October 15, 2024
Low Risk
AIKIDO-2024-10336
http-server is vulnerable to Selection of Less-Secure Algorithm During Negotiation in versions 200 - 274.
October 15, 2024
Medium Risk
AIKIDO-2024-10335
@clerk/clerk-js is vulnerable to URL Redirection to Untrusted Site ('Open Redirect') in versions 2.13.1 - 5.26.3.
October 14, 2024
Low Risk
AIKIDO-2024-10334
astro is vulnerable to Cross-site Scripting (XSS) in versions 3.2.0 - 4.16.0.
October 14, 2024
High Risk
AIKIDO-2024-10333
api-platform/core is vulnerable to Missing Authorization in versions 4.0.0 - 4.0.2.
October 11, 2024
High Risk
AIKIDO-2024-10332
kedro is vulnerable to Remote Code Execution (RCE) in versions 0.18.4 - 0.19.8.
October 11, 2024
Medium Risk
AIKIDO-2024-10331
torchgeo is vulnerable to Command Injection in versions 0.4.0 - 0.6.0.
October 11, 2024
Low Risk
AIKIDO-2024-10330
gevent is vulnerable to Race Condition in versions 1.2.0 - 24.10.0.
October 10, 2024
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US