Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Allocation of Resources Without Limits or Throttling

Affects github.com/elastic/beats/v7/packetbeat/decoder | Versions >=8.6.0 <8.19.9>=9.0.0 <9.1.9>=9.2.0 <9.2.3

Has fix

GoPublished 21 Dec 2025

L

Arbitrary Argument Injection

Affects libguestfs/libnbd | Versions [0,]

Has fix

Unmanaged (C/C++)Published 21 Dec 2025

M

Cross-site Scripting (XSS)

Affects simplemachines/smf | Versions >=0.0.0

Has fix

ComposerPublished 21 Dec 2025

M

Allocation of Resources Without Limits or Throttling

Affects github.com/elastic/beats/packetbeat/decoder | Versions >=8.6.0 <8.19.9>=9.0.0 <9.1.9>=9.2.0 <9.2.3

Has fix

GoPublished 21 Dec 2025

H

Improper Validation of Specified Quantity in Input

Affects github.com/elastic/beats/v7/libbeat/processors/dissect | Versions >=7.0.0-alpha1 <8.19.9>=9.0.0-beta1 <9.1.9>=9.2.0 <9.2.3

Has fix

GoPublished 21 Dec 2025

H

Improper Validation of Specified Quantity in Input

Affects github.com/elastic/beats/libbeat/processors/dissect | Versions >=7.0.0-alpha1 <8.19.9>=9.0.0-beta1 <9.1.9>=9.2.0 <9.2.3

Has fix

GoPublished 21 Dec 2025

H

External Control of File Name or Path

Affects langflow-base | Versions [,0.7.0)

Has fix

pipPublished 21 Dec 2025

H

Server-side Request Forgery (SSRF)

Affects langflow-base | Versions [,0.7.0)

Has fix

pipPublished 21 Dec 2025

H

Deserialization of Untrusted Data

Affects org.apache.nifi:nifi-asana-processors | Versions [1.20.0,2.7.0)

Has fix

MavenPublished 21 Dec 2025

H

Unquoted Search Path or Element

Affects OCSInventory-NG/WindowsAgent | Versions [,2.3.1)

Has fix

Unmanaged (C/C++)Published 21 Dec 2025

H

Authorization Bypass Through User-Controlled Key

Affects pretix | Versions [,2025.8.3)[2025.9.0,2025.9.3)[2025.10.0,2025.10.1)

Has fix

pipPublished 21 Dec 2025

H

Authorization Bypass Through User-Controlled Key

Affects pretix | Versions [,2025.8.3)[2025.9.0,2025.9.3)[2025.10.0,2025.10.1)

Has fix

pipPublished 21 Dec 2025

H

Directory Traversal

Affects org.takes:takes | Versions [0,)

Has fix

MavenPublished 21 Dec 2025

M

Cross-site Scripting (XSS)

Affects orejime | Versions <2.3.2

Has fix

npmPublished 21 Dec 2025

M

Affects Genymobile/scrcpy | Versions [,3.3.4)

Has fix

Unmanaged (C/C++)Published 21 Dec 2025

L

Cross-site Scripting (XSS)

Affects @tutao/tutanota-utils | Versions <314.251111.0

Has fix

npmPublished 21 Dec 2025

L

Cross-site Scripting (XSS)

Affects @tutao/otest | Versions <314.251111.0

Has fix

npmPublished 21 Dec 2025

M

Server-side Request Forgery (SSRF)

Affects cowrie | Versions [,2.9.0)

Has fix

pipPublished 21 Dec 2025

M

Cross-site Request Forgery (CSRF)

Affects fastapi-users | Versions [,15.0.2)

Has fix

pipPublished 21 Dec 2025

M

Buffer Underflow

Affects capstone | Versions [0,]

Has fix

ConanPublished 20 Dec 2025

M

Heap-based Buffer Overflow

Affects capstone | Versions [0,]

Has fix

ConanPublished 20 Dec 2025

M

Use of a Broken or Risky Cryptographic Algorithm

Affects aws-sdk-cpp | Versions [0,]

Has fix

ConanPublished 20 Dec 2025

H

Buffer Overflow

Affects pali/igmpproxy | Versions [0,]

Has fix

Unmanaged (C/C++)Published 19 Dec 2025

M

Heap-based Buffer Overflow

Affects floooh/sokol | Versions [0,]

Has fix

Unmanaged (C/C++)Published 19 Dec 2025

M

NULL Pointer Dereference

Affects WebAssembly/binaryen | Versions [0,]

Has fix

Unmanaged (C/C++)Published 19 Dec 2025

M

Heap-based Buffer Overflow

Affects WebAssembly/binaryen | Versions [0,]

Has fix

Unmanaged (C/C++)Published 19 Dec 2025

C

Incorrect Permission Assignment for Critical Resource

Affects github.com/ollama/ollama/server | Versions >=0.0.1

Has fix

GoPublished 19 Dec 2025

M

Arbitrary File Upload

Affects weblate | Versions [,5.15.1)

Has fix

pipPublished 19 Dec 2025

M

Directory Traversal

Affects weblate | Versions [,5.15.1)

Has fix

pipPublished 19 Dec 2025

M

Stack-based Buffer Overflow

Affects merbanan/rtl_433 | Versions [,25.12)

Has fix

Unmanaged (C/C++)Published 19 Dec 2025

Product

Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
Snyk AppRisk

Resources

Vulnerability DB
Documentation
Disclosed Vulnerabilities
Blog
FAQs

Company

About
Jobs
Contact
Policies
Do Not Sell My Personal Information

Contact Us

Support
Report a new vuln
Events

Find us online

Track our development

© 2025 Snyk Limited

Registered in England and Wales. Company number: 09677925

Registered address: Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, RG7 1NT.