aikido.dev
Powered by AI + Aikido Research team
Aikido Intel
We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.
Human verified threat feed
391 vulnerabilities exposed
Detect blind spots in NVD & GitHub Advisory DB
Low
Risk
AIKIDO-2024-10380
symfony/symfony is vulnerable to Improper Neutralization of Null Byte in versions 2.0.0 - 5.4.37, 6.0.0 - 6.4.9 and 7.0.0 - 7.0.5.
October 28, 2024
Low
Risk
AIKIDO-2024-10379
easycorp/easyadmin-bundle is vulnerable to Cross-site Scripting (XSS) in versions 3.4.0 - 4.8.9.
October 28, 2024
Low
Risk
AIKIDO-2024-10378
easycorp/easyadmin-bundle is vulnerable to Cross-site Scripting (XSS) in versions 3.5.0 - 4.9.5.
October 28, 2024
Low
Risk
AIKIDO-2024-10377
craftcms/feed-me is vulnerable to Insertion of Sensitive Information into Log File in versions 6.2.0 - 6.2.1.
October 28, 2024
Medium
Risk
AIKIDO-2024-10376
github.com/containers/storage is vulnerable to Path Traversal in versions 1.17.0 - 1.51.1 and 1.52.0 - 1.55.0.
October 28, 2024
Low
Risk
AIKIDO-2024-10375
laravel/framework is vulnerable to Observable Timing Discrepancy in versions 9.6.0 - 10.41.0.
October 28, 2024
Medium
Risk
AIKIDO-2024-10374
laravel/framework is vulnerable to Use of Weak Hash in versions 0.0.1 - 11.1.1.
October 28, 2024
Low
Risk
AIKIDO-2024-10373
spatie/laravel-ignition is vulnerable to Generation of Error Message Containing Sensitive Information in versions 0.0.1 - 2.4.1.
October 28, 2024
Medium
Risk
AIKIDO-2024-10372
expo-clipboard is vulnerable to Relative Path Traversal in versions 0.0.1 - 4.8.0.
October 25, 2024
Medium
Risk
AIKIDO-2024-10371
virtualenv is vulnerable to Command Injection in versions 0.0.1 - 20.26.5.
October 25, 2024
High
Risk
AIKIDO-2024-10370
sentence-transformers is vulnerable to Remote Code Execution in versions 0.0.1 - 3.0.1.
October 25, 2024
High
Risk
AIKIDO-2024-10369
github.com/sirupsen/logrus is vulnerable to Denial of Service (DoS) in versions 0.0.1 - 1.8.2 and 1.9.0 - 1.9.0.
October 25, 2024
High
Risk
AIKIDO-2024-10368
surrealdb is vulnerable to Improper Authorization in versions 0.0.1 - 2.0.3.
October 25, 2024
Medium
Risk
AIKIDO-2024-10367
keycloak-services is vulnerable to URL Redirection to Untrusted Site ('Open Redirect') in versions 0.0.1 - 22.0.12, 24.0.0 - 24.0.7 and 25.0.0 - 25.0.5.
October 25, 2024
High
Risk
AIKIDO-2024-10366
keycloak-saml-wildfly-elytron-adapter is vulnerable to Session Fixation in versions 0.0.1 - 22.0.11, 24.0.0 - 24.0.6 and 25.0.0 - 25.0.4.
October 25, 2024
Critical
AIKIDO-2024-10365
@vendure/asset-server-plugin is vulnerable to Directory Traversal in versions 0.0.1 - 2.3.2 and 3.0.0 - 3.0.4.
October 24, 2024
Critical
AIKIDO-2024-10364
solr-core is vulnerable to Improper Authentication in versions 5.3.0 - 8.11.4 and 9.0.0 - 9.6.1.
October 24, 2024
Low
Risk
AIKIDO-2024-10363
spring-core is vulnerable to Improper Handling of Case Sensitivity in versions 0.0.1 - 5.3.40, 6.0.0 - 6.0.24 and 6.1.0 - 6.1.13.
October 24, 2024
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US