GHSA-w7qr-q9fh-fj35: Dozzle uses unsafe hash for passwords

GHSA-mq92-jr35-ffpc: open-webui allows enumeration of file names and traversal of directories by observing the error messages

GHSA-xcvc-5hgv-phqg: open-webui Insecure Direct Object Reference (IDOR) vulnerability

GHSA-54f4-v6v9-9q82: open-webui allows writing and deleting arbitrary files

GHSA-7qmx-3fpx-r45m: Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.

**xxl-job-admin vulnerable to Insecure Permissions**

Moderate severity GitHub Reviewed Published Nov 15, 2023 to the GitHub Advisory Database • Updated Nov 15, 2023

Headline

GHSA-3w8r-3jh9-89v9: xxl-job-admin vulnerable to Insecure Permissions

Related news

ghsa: Latest News