Filter
-Infinity
0

npm/parse-serverParse Server's custom object ID allows to acquire role privileges

8.1
First published (updated )

npm/parse-serverParse Server may crash when uploading file without extension

7.5
First published (updated )

npm/parse-serverTrigger `beforeFind` not invoked in internal query pipeline in parse-server

7.5
First published (updated )

npm/parse-serverParse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution

First published (updated )

npm/parse-serverParse Server vulnerable to phishing attack vulnerability that involves uploading malicious HTML file

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

npm/parse-server-push-adapterInvalid push request payload crashes Parse Server

7.5
First published (updated )

Parse Platform Parse ServerParse Server is vulnerable to authentication bypass via spoofing

8.7
First published (updated )

npm/parse-serverParse Server subject to Prototype pollution via Cloud Code Webhooks

First published (updated )

npm/parse-serverParse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers

First published (updated )

npm/parse-serverParse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parser

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

npm/parse-serverParse Server crashes when receiving file download request with invalid byte range

7.5
First published (updated )

Parse Platform Parse ServerParse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumvented

3.7
First published (updated )

Parse Platform Parse ServerParse Server subject to Incorrect Resource Transfer Between Spheres

First published (updated )

Parse Platform Parse ServerParse Server vulnerable to brute force guessing of user sensitive data via search patterns

8.6
First published (updated )

npm/parse-serverProtected fields exposed via LiveQuery in parse-server

8.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Parse Platform Parse ServerInvalid file request can crashe parse-server

7.5
First published (updated )

Parse Platform Parse ServerAuthentication bypass in Parse Server Apple Game Center auth adapter

8.6
First published (updated )

Parse Platform Parse ServerAuthentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter

7.5
First published (updated )

Parse Platform Parse ServerCommand Injection in Parse server

First published (updated )

Parse Platform Parse ServerLiveQuery publishes user session tokens

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Parse Platform Parse ServerCrash server with query parameter

7.5
First published (updated )

Parse Platform Parse ServerNew anonymous user session acts as if it's created with password

First published (updated )

Parse Platform Parse ServerParse Server stores password in plain text

7.7
First published (updated )

Parse Platform Parse ServerImproper session expiration in Parse Server

First published (updated )

npm/parse-serverInformation disclosure through Viewer query in parse-server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Lifplatforms Lif Auth ServerInformation disclosure in parse-server

7.7
First published (updated )

Lifplatforms Lif Auth Serverparse-server before 3.6.0 allows account enumeration.

First published (updated )

Lifplatforms Lif Auth Serverparse-server before 3.4.1 allows DoS after any POST to a volatile class.

7.5
First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203