Vulnerabilidades en parse-community
117 resultadosCVE-2022-24760CRITICALCommand Injection in Parse serverEPSS 49.1%CVE-2022-39396CRITICALParse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parserEPSS 41.2%CVE-2024-39309CRITICALZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass VulnerabilityEPSS 20.2%CVE-2023-36475CRITICALParse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollutionEPSS 2.7%CVE-2021-39187HIGHCrash server with query parameterEPSS 1.8%CVE-2021-41109HIGHLiveQuery publishes user session tokensEPSS 1.2%CVE-2024-29027CRITICALParse Server crash and RCE via invalid Cloud Function or Cloud Job nameEPSS 1.2%CVE-2020-15270MEDIUMImproper session expiration in Parse ServerEPSS 1.2%CVE-2020-15126MEDIUMInformation disclosure through Viewer query in parse-serverEPSS 1.1%CVE-2023-46119HIGHParse Server may crash when uploading file without extensionEPSS 1.1%CVE-2024-27298CRITICALParse Server literalizeRegexPart SQL InjectionEPSS 1.0%CVE-2022-31112HIGHProtected fields exposed via LiveQuery in parse-serverEPSS 1.0%CVE-2021-39138MEDIUMNew anonymous user session acts as if it's created with passwordEPSS 1.0%CVE-2022-36079HIGHParse Server vulnerable to brute force guessing of user sensitive data via search patternsEPSS 1.0%CVE-2022-31089HIGHInvalid file request can crashe parse-serverEPSS 0.9%CVE-2023-32688MEDIUMInvalid push request payload crashes Parse ServerEPSS 0.9%CVE-2022-41878HIGHParse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code TriggersEPSS 0.9%CVE-2020-5251HIGHInformation disclosure in parse-serverEPSS 0.8%CVE-2025-53364MEDIUMParse Server exposes the data schema via GraphQL APIEPSS 0.8%CVE-2022-41879HIGHParse Server subject to Prototype pollution via Cloud Code WebhooksEPSS 0.8%