Security
Headlines

Headlines Latest CVEs

Headline

GHSA-pgjv-jrg2-gq3v: dompurify vulnerable to Cross-site Scripting

dompurify prior to version 2.2.2 is vulnerable to cross-site scripting when converting from SVG namespace.

2 years ago

dompurify vulnerable to Cross-site Scripting

Moderate severity GitHub Reviewed Published Jan 11, 2023

ghsa: Latest News

GHSA-92vj-g62v-jqhh: Hono has Body Limit Middleware Bypass

2 days ago

GHSA-q7pg-9pr4-mrp2: httpsig-rs: HMAC verification is vulnerable to timing attack

2 days ago

GHSA-wgpv-6j63-x5ph: Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover

2 days ago

GHSA-vcqx-v2mg-7chx: Neo4j Cypher MCP server is vulnerable to DNS rebinding

2 days ago

GHSA-7vm2-j586-vcvc: SurrealDB is Vulnerable to Unauthorized Data Exposure via LIVE Query Subscriptions

3 days ago