Filter
-Infinity
0

Trending

Last week
Last month
Last year

npm/parse-serverParse Server's custom object ID allows to acquire role privileges

high
8.1
First published (updated )
CVE-2024-47183

npm/parse-serverParse Server may crash when uploading file without extension

high
7.5
First published (updated )
CVE-2023-46119

npm/parse-serverTrigger `beforeFind` not invoked in internal query pipeline in parse-server

high
7.5
First published (updated )
CVE-2023-41058

npm/parse-serverParse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution

critical
9.8
First published (updated )
CVE-2023-36475

npm/parse-serverParse Server vulnerable to phishing attack vulnerability that involves uploading malicious HTML file

medium
6.5
First published (updated )
CVE-2023-32689

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

npm/parse-server-push-adapterInvalid push request payload crashes Parse Server

high
7.5
First published (updated )
CVE-2023-32688

Parse Platform Parse ServerParse Server is vulnerable to authentication bypass via spoofing

high
8.7
First published (updated )
CVE-2023-22474

npm/parse-serverParse Server subject to Prototype pollution via Cloud Code Webhooks

critical
9.8
First published (updated )
CVE-2022-41879

npm/parse-serverParse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers

critical
9.8
First published (updated )
CVE-2022-41878

npm/parse-serverParse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parser

critical
9.8
First published (updated )
CVE-2022-39396

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

npm/parse-serverParse Server crashes when receiving file download request with invalid byte range

high
7.5
First published (updated )
CVE-2022-39313

Parse Platform Parse ServerParse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumvented

low
3.7
First published (updated )
CVE-2022-39231

Parse Platform Parse ServerParse Server subject to Incorrect Resource Transfer Between Spheres

medium
4.3
First published (updated )
CVE-2022-39225

Parse Platform Parse ServerParse Server vulnerable to brute force guessing of user sensitive data via search patterns

high
8.6
First published (updated )
CVE-2022-36079

npm/parse-serverProtected fields exposed via LiveQuery in parse-server

high
8.2
First published (updated )
CVE-2022-31112

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Parse Platform Parse ServerInvalid file request can crashe parse-server

high
7.5
First published (updated )
CVE-2022-31089

Parse Platform Parse ServerAuthentication bypass in Parse Server Apple Game Center auth adapter

high
8.6
First published (updated )
CVE-2022-31083

Parse Platform Parse ServerAuthentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter

high
7.5
First published (updated )
CVE-2022-24901

Parse Platform Parse ServerCommand Injection in Parse server

critical
10
First published (updated )
CVE-2022-24760

Parse Platform Parse ServerLiveQuery publishes user session tokens

high
7.5
First published (updated )
CVE-2021-41109

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Parse Platform Parse ServerCrash server with query parameter

high
7.5
First published (updated )
CVE-2021-39187

Parse Platform Parse ServerNew anonymous user session acts as if it's created with password

medium
6.5
First published (updated )
CVE-2021-39138

Parse Platform Parse ServerParse Server stores password in plain text

high
7.7
First published (updated )
CVE-2020-26288

Parse Platform Parse ServerImproper session expiration in Parse Server

medium
4.3
First published (updated )
CVE-2020-15270

npm/parse-serverInformation disclosure through Viewer query in parse-server

medium
6.5
First published (updated )
CVE-2020-15126

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Lifplatforms Lif Auth ServerInformation disclosure in parse-server

high
7.7
First published (updated )
CVE-2020-5251

Lifplatforms Lif Auth Serverparse-server before 3.6.0 allows account enumeration.

medium
5.3
First published (updated )
CVE-2019-1020013

Lifplatforms Lif Auth Serverparse-server before 3.4.1 allows DoS after any POST to a volatile class.

high
7.5
First published (updated )
CVE-2019-1020012

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203