Filter
Versions
9.0.0-beta10
3
9.0.0-beta11
3
9.0.1
3
10.13.0
2
9.0.0
2
9.0.0-alpha10
2
9.0.0-alpha11
2
9.0.0-alpha12
2
9.0.0-alpha13
2
9.0.0-alpha14
2
9.0.0-alpha15
2
9.0.0-alpha16
2
9.0.0-alpha17
2
9.0.0-alpha18
2
9.0.0-alpha19
2
9.0.0-alpha20
2
9.0.0-alpha21
2
9.0.0-alpha22
2
9.0.0-alpha23
2
9.0.0-alpha24
2
9.0.0-alpha25
2
9.0.0-alpha26
2
9.0.0-alpha27
2
9.0.0-alpha31
2
9.0.0-alpha32
2
9.0.0-alpha33
2
9.0.0-alpha34
2
9.0.0-alpha35
2
9.0.0-alpha36
2
9.0.0-beta1
2
9.4.1
2
10.3.0
1
10.4.0
1
9.0.0-alpha37
1
9.0.0-beta12
1
9.0.0-beta13
1
9.0.0-beta14
1
9.0.0-beta2
1
9.0.0-beta3
1
9.0.0-beta4
1
9.0.0-beta5
1
9.0.0-beta7
1
9.0.0-beta8
1
9.0.0-beta9
1
9.0.0-rc0
1
9.0.0-rc1
1
9.0.0-rc10
1
9.0.0-rc100
1
9.0.0-rc101
1
9.0.0-rc11
1
9.0.0-rc12
1
9.0.0-rc13
1
9.0.0-rc14
1
9.0.0-rc15
1
9.0.0-rc17
1
9.0.0-rc18
1
9.0.0-rc19
1
9.0.0-rc2
1
9.0.0-rc31
1
9.0.0-rc32
1
9.0.0-rc33
1
9.6.0
1
npm/directusDirectus privilege escalation vulnerability using Share feature
EPSS
0.04%
First published (updated )
DirectusAccess token from query string is inserted into logs in Directus
4.2
First published (updated )
npm/directusDirectus 10.13.0 - Insecure object reference via PATH presets
4.3
EPSS
0.04%
First published (updated )
npm/directusDirectus 10.13.0 - DOM-Based cross-site scripting (XSS) via layout_options
5.4
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
npm/@directus/envDirectus GraphQL Field Duplication Denial of Service (DoS)
6.5
First published (updated )
npm/@directus/apiDirectus has a Blind SSRF On File Import
First published (updated )
npm/directusDirectus is soft-locked by providing a string value to random string util
7.5
First published (updated )
npm/directusDirectus Lacks Session Tokens Invalidation
5.4
EPSS
0.04%
First published (updated )
npm/directusDirectus allows redacted data extraction on the API through "alias"
4.9
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
npm/directusURL Redirection to Untrusted Site in OAuth2/OpenID in directus
5.4
EPSS
0.04%
First published (updated )
npm/directusDirectus version number disclosure
5.3
EPSS
0.04%
First published (updated )
npm/directusDirectus MySQL accent insensitive email matching
8.2
EPSS
0.04%
First published (updated )
npm/directusDirectus crashes on invalid WebSocket message
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
npm/directusDirectus has Incorrect Permission Checking for GraphQL Subscriptions
6.5
First published (updated )
Directusdirectus vulnerable to Insertion of Sensitive Information into Log File
5.5
First published (updated )
DirectusExtract password hashes through export querying in directus
4.3
First published (updated )
DirectusDirectus vulnerable to Server-Side Request Forgery On File Import
7.5
First published (updated )
Directus 7 APIdirectus - SSRF which leads to internal port scan
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Directus 7 APIDirectus - Stored Cross-Site Scripting (XSS) in Profile Avatar Image
5.4
First published (updated )
Directus 7 APIDirectus - Stored Cross-Site Scripting (XSS) via SVG File Upload
5.4
First published (updated )
Directusinterfaces/markdown/input.vue in Directus 7 Application before 7.7.0 does not sanitize Markdown text…
5.3
First published (updated )