Submit a Fix
Go To App
Aikido Vulnerability Database
A curated feed that compliments NVD and GitHub's Advisory Database
Human verified & human-readable
262
vulnerabilities found and growing
Sort on
Date
Sort on
Date
Severity
Medium
Risk
AIKIDO-2024-10248
github.com/jhump/protoreflect is vulnerable to Uncaught Exception in versions 1.0.0 - 1.16.0.
September 10, 2024
Medium
Risk
AIKIDO-2024-10247
@newrelic/browser-agent is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 1.259.0 - 1.264.0.
September 10, 2024
Medium
Risk
AIKIDO-2024-10246
github.com/go-gitea/gitea is vulnerable to Cross-Site Scripting (XSS) in versions 1.20.0 - 1.22.1.
September 10, 2024
Medium
Risk
AIKIDO-2024-10245
litellm is vulnerable to SQL Injection in versions 1.44.8 - 1.44.16.
September 10, 2024
Low
Risk
AIKIDO-2024-10244
langchain is vulnerable to Insertion of Sensitive Information into Log File in versions 0.1.0 - 0.2.17.
September 10, 2024
High
Risk
AIKIDO-2024-10243
ng2-pdfjs-viewer is vulnerable to Cross-site Scripting in all versions.
September 6, 2024
Low
Risk
AIKIDO-2024-10242
@adobe/aio-lib-state is vulnerable to Insertion of Sensitive Information into Log File in versions 1.0.0 - 5.0.0.
September 4, 2024
Low
Risk
AIKIDO-2024-10241
webdav-servlet is vulnerable to Use of Weak Hash in versions 1.0.0 - 1.2.69.
September 3, 2024
Medium
Risk
AIKIDO-2024-10240
github.com/hashicorp/vault is vulnerable to Insertion of Sensitive Information into Log File in versions 1.17.3 - 1.17.4.
September 3, 2024
Low
Risk
AIKIDO-2024-10239
fluent-bit is vulnerable to Memory Leak in versions 1.0.0 - 3.1.6.
September 2, 2024
Low
Risk
AIKIDO-2024-10238
github.com/Clickhouse/Clickhouse-go/v2 is vulnerable to Uncaught Exception in versions 2.0.0 - 2.28.1.
September 2, 2024
Low
Risk
AIKIDO-2024-10237
adminjs is vulnerable to Generation of Error Message Containing Sensitive Information in versions 3.3.0 - 7.8.11.
September 2, 2024
High
Risk
AIKIDO-2024-10236
github.com/siderolabs/go-api-signature is vulnerable to Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in versions 0.1.0 - 0.3.4.
September 2, 2024
Medium
Risk
AIKIDO-2024-10235
django-allauth is vulnerable to Authentication Bypass by Capture-replay in versions 0.61.1 - 64.1.0.
August 30, 2024
High
Risk
AIKIDO-2024-10234
litellm is vulnerable to Improper Input Validation in versions 1.40.15 - 1.44.8.
August 30, 2024
Low
Risk
AIKIDO-2024-10233
@syncfusion/ej2-grids is vulnerable to Cross-site Scripting (XSS) in versions 16.3.32 - 26.2.10.
August 28, 2024
Low
Risk
AIKIDO-2024-10232
radix-vue is vulnerable to Cross-site Scripting (XSS) in versions 0.1.20 - 1.9.4.
August 28, 2024
Low
Risk
AIKIDO-2024-10231
nats-py is vulnerable to Memory Leak in versions 1.0.0 - 2.8.0.
August 27, 2024
Show More
Are you
to these issues?
Connect your GitHub, GitLab, Bitbucket or Azure DevOps account to start scanning your repos for free.
Start For Free
Your data won't be shared · Read-only access
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US