Aikido Vulnerability Database

A curated feed that complements NVD and GitHub's Advisory Database

Human verified & human-readable
332 vulnerabilities found and growing
Medium Risk
AIKIDO-2024-10321
go.opentelemetry.io/collector/internal/globalgates is vulnerable to Undefined Behavior in versions 0.2.0 - 0.110.0 and 1.0.0 - 1.16.0.
October 4, 2024
Medium Risk
AIKIDO-2024-10320
go.opentelemetry.io/collector/config/confignet is vulnerable to Undefined Behavior in versions 0.2.0 - 0.110.0 and 1.0.0 - 1.16.0.
October 4, 2024
Medium Risk
AIKIDO-2024-10319
imap-tools is vulnerable to Improper Input Validation in versions 0.9.0 - 1.7.2.
October 4, 2024
Medium Risk
AIKIDO-2024-10317
@kinde-oss/kinde-auth-nextjs is vulnerable to Storage of Sensitive Information in a Cookie in versions 1.8.19 - 1.10.1 and 2.0.0 - 2.3.8.
October 3, 2024
Medium Risk
AIKIDO-2024-10316
prism is vulnerable to Improper Input Validation in versions 0.7.0 - 1.0.0.
October 3, 2024
Medium Risk
AIKIDO-2024-10315
chainlit is vulnerable to Improper Authentication in versions 0.7.0 - 1.2.0.
October 3, 2024
Medium Risk
AIKIDO-2024-10314
@vendure/ui-devkit is vulnerable to Exposure of Sensitive Information in versions 1.0.0 - 3.0.1.
October 2, 2024
Medium Risk
AIKIDO-2024-10313
@grafana/ui is vulnerable to Improper Authorization in versions 8.0.0 - 10.3.9, 10.4.0 - 10.4.8, 11.0.0 - 11.0.4 and 11.1.0 - 11.1.5.
October 2, 2024
Medium Risk
AIKIDO-2024-10312
@grafana/data is vulnerable to Improper Authorization in versions 8.0.0 - 10.3.9, 10.4.0 - 10.4.8, 11.0.0 - 11.0.4 and 11.1.0 - 11.1.5.
October 2, 2024
Medium Risk
AIKIDO-2024-10311
@grafana/runtime is vulnerable to Improper Authorization in versions 8.0.0 - 10.3.9, 10.4.0 - 10.4.8, 11.0.0 - 11.0.4 and 11.1.0 - 11.1.5.
October 2, 2024
High Risk
AIKIDO-2024-10310
statamic/cms is vulnerable to Cross-site Scripting (XSS) in versions 3.0.0 - 4.58.2 and 5.0.0 - 5.22.0.
October 2, 2024
High Risk
AIKIDO-2024-10309
zenstack is vulnerable to Improper Authorization in versions 2.0.0 - 2.4.1.
October 2, 2024
High Risk
AIKIDO-2024-10308
dart_jsonwebtoken is vulnerable to Insufficient Verification of Data Authenticity in versions 0.1.0 - 2.14.0.
October 1, 2024
High Risk
AIKIDO-2024-10307
laravel/octane is vulnerable to DoS in versions 0.1.0 - 2.5.5.
October 1, 2024
High Risk
AIKIDO-2024-10306
@trojs/openapi-server is vulnerable to DoS in versions 0.1.0 - 1.2.5 and 2.0.0 - 2.0.1.
October 1, 2024
Low Risk
AIKIDO-2024-10305
kevinpapst/tabler-bundle is vulnerable to Cross-Site Request Forgery (CSRF) in versions 0.1 - 1.5.1.
October 1, 2024
Low Risk
AIKIDO-2024-10304
fastify-type-provider-zod is vulnerable to Generation of Error Message Containing Sensitive Information in versions 3.0.0 - 4.0.0.
October 1, 2024
Medium Risk
AIKIDO-2024-10303
@scalar/api-client is vulnerable to Cross-site Scripting (XSS) in versions 0.1.1 - 2.1.9.
September 30, 2024
© 2024 Aikido Security BV | BE0792914919