Aikido Vulnerability Database

A curated feed that complements NVD and GitHub's Advisory Database

Human verified & human-readable
203 vulnerabilities found and growing
High Risk
AIKIDO-2024-10189
spatie/laravel-medialibrary is vulnerable to Unrestricted Upload of File with Dangerous Type in versions 8.0.0 - 11.7.3.
July 18, 2024
High Risk
AIKIDO-2024-10188
electron is vulnerable to Use after free in versions 29.0.0 - 29.4.4.
July 17, 2024
Low Risk
AIKIDO-2024-10187
survey-angular-ui is vulnerable to Cross-site Scripting (XSS) in versions 1.9.69 - 1.11.6.
July 17, 2024
Low Risk
AIKIDO-2024-10186
verbb/formie is vulnerable to Cross-site Scripting (XSS) in versions 1.2.0 - 2.1.20.
July 17, 2024
Low Risk
AIKIDO-2024-10185
pulumi-azuread is vulnerable to Insertion of Sensitive Information into Log File in versions 2.2.1 - 5.53.1.
July 16, 2024
Low Risk
AIKIDO-2024-10184
@forestadmin/datasource-toolkit is vulnerable to Generation of Error Message Containing Sensitive Information in versions 1.34.2 - 1.34.2.
July 16, 2024
Low Risk
AIKIDO-2024-10183
@forestadmin/agent is vulnerable to Generation of Error Message Containing Sensitive Information in versions 1.41.4 - 1.41.5.
July 16, 2024
Low Risk
AIKIDO-2024-10182
prosemirror-model is vulnerable to Cross-site Scripting (XSS) in versions 1.0.0 - 1.22.0.
July 15, 2024
Low Risk
AIKIDO-2024-10181
path-to-regexp is vulnerable to Regular Expression Denial of Service (ReDoS) in versions 0.0.1 - 7.0.0.
July 15, 2024
Critical
AIKIDO-2024-10180
lightning is vulnerable to Unrestricted Upload of File with Dangerous Type in versions 0.2 - 2.3.2.
July 15, 2024
Low Risk
AIKIDO-2024-10179
@nangohq/frontend is vulnerable to Insertion of Sensitive Information into Log File in versions 0.6.0 - 0.41.0.
July 15, 2024
Medium Risk
AIKIDO-2024-10178
llama-index is vulnerable to Race Condition in versions 0.10.0 - 0.10.54.
July 12, 2024
High Risk
AIKIDO-2024-10177
@rive-app/canvas is vulnerable to Heap-based Buffer Overflow in versions 2.1.1 - 2.19.2.
July 12, 2024
High Risk
AIKIDO-2024-10176
electron is vulnerable to Type Confusion in versions 29.0.0 - 29.4.2 and 30.0.0 - 30.1.2.
July 12, 2024
Medium Risk
AIKIDO-2024-10175
@cloudflare/next-on-pages is vulnerable to Server-Side Request Forgery (SSRF) in versions 1.4.0 - 1.12.0.
July 11, 2024
Low Risk
AIKIDO-2024-10174
django-allauth is vulnerable to Insertion of Sensitive Information into Log File in versions 0.1.0 - 0.63.3.
July 11, 2024
Medium Risk
AIKIDO-2024-10173
next is vulnerable to Server-Side Request Forgery (SSRF) in versions 12.1.0 - 14.2.4.
July 11, 2024
High Risk
AIKIDO-2024-10172
github.com/zalando/skipper is vulnerable to Malicious Code in versions 0.13.231 - 0.21.139.
July 8, 2024
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US