GHSA-9h9q-qhxg-89xr: Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

GHSA-jg74-mwgw-v6x3: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

GHSA-h4h5-9833-v2p4: Rancher agents can be hijacked by taking over the Rancher Server URL

GHSA-g54f-66mw-hv66: Agnai vulnerable to Relative Path Traversal in Image Upload

GHSA-h355-hm5h-cm8h: Agnai File Disclosure Vulnerability: JSON via Path Traversal 

OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.

**nadesiko3 vulnerable to OS Command Injection**

Critical severity GitHub Reviewed Published Dec 5, 2022 • Updated Dec 6, 2022

Headline

GHSA-7249-8x22-4rg4: nadesiko3 vulnerable to OS Command Injection

Related news

ghsa: Latest News