Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

PACKAGE MANAGER

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • M
Improper Input Validation
html-to-csv Open this link in a new tab [0,] pip 25 Nov 2021
  • H
Buffer Overflow
cgi Open this link in a new tab <0.3.1 >=0.2.0, <0.2.1 >=0.1.0, <0.1.1 RubyGems 25 Nov 2021
  • C
SQL Injection
github.com/flipped-aurora/gin-vue-admin/server/service/system Open this link in a new tab * Go 25 Nov 2021
  • M
Cross-site Scripting (XSS)
github.com/schollz/rwtxt Open this link in a new tab <1.8.6 Go 25 Nov 2021
  • M
Webcache Poisoning
shopware/platform Open this link in a new tab <6.4.6.1 Composer 25 Nov 2021
  • M
Webcache Poisoning
shopware/core Open this link in a new tab <6.4.6.1 Composer 25 Nov 2021
  • M
Information Exposure
homeassistant Open this link in a new tab [,0.67.0) pip 25 Nov 2021
  • H
Release of Invalid Pointer or Reference
nanopb Open this link in a new tab [,0.3.9.8) [0.4.0,0.4.5) pip 25 Nov 2021
  • M
Cross-site Scripting (XSS)
@claviska/jquery-minicolors Open this link in a new tab <2.3.6 npm 25 Nov 2021
  • H
Directory Traversal
matrix-synapse Open this link in a new tab [,1.47.1) pip 24 Nov 2021
  • H
Directory Traversal
aim Open this link in a new tab [,3.1.0) pip 24 Nov 2021
  • M
Cross-site Scripting (XSS)
wiki Open this link in a new tab [0.0.20,0.7.9) pip 24 Nov 2021
  • M
Prototype Pollution
org.webjars.npm:utils-copy Open this link in a new tab [0,] Maven 24 Nov 2021
  • M
Prototype Pollution
utils-copy Open this link in a new tab * npm 24 Nov 2021
  • M
Improper Authentication
symfony/security Open this link in a new tab <5.3.12 Composer 24 Nov 2021
  • M
Access Restriction Bypass
concrete5/concrete5 Open this link in a new tab <8.5.7 Composer 24 Nov 2021
  • H
Arbitrary Command Execution
org.apache.jspwiki:jspwiki-builder Open this link in a new tab [,2.11.0) Maven 24 Nov 2021
  • H
Cross-site Scripting (XSS)
org.apache.jspwiki:jspwiki-builder Open this link in a new tab [,2.11.0) Maven 24 Nov 2021
  • M
HTTP Request Smuggling
symfony/symfony Open this link in a new tab <5.3.12 Composer 24 Nov 2021
  • M
Arbitrary Code Execution
concrete5/concrete5 Open this link in a new tab <8.5.7 Composer 24 Nov 2021
  • L
Server-side Request Forgery (SSRF)
concrete5/concrete5 Open this link in a new tab <8.5.7 >=9.0.0, <9.0.1 Composer 24 Nov 2021
  • M
Information Exposure
ansible Open this link in a new tab [,1.5.5) pip 24 Nov 2021
  • M
Information Exposure
ansible Open this link in a new tab [2.3.0.0, 2.3.3.0) [2.4.0.0, 2.4.1.0) pip 24 Nov 2021
  • C
Arbitrary Code Execution
ansible Open this link in a new tab [,1.6.7) pip 24 Nov 2021
  • M
Cross-site Scripting (XSS)
buildbot Open this link in a new tab [,0.7.11p3) pip 24 Nov 2021
  • M
CSV Injection
symfony/symfony Open this link in a new tab >=5.0.0, <5.3.12 >=4.1.0, <4.4.35 Composer 24 Nov 2021
  • M
Improper Certificate Validation
awscrt Open this link in a new tab [,0.11.25) pip 23 Nov 2021
  • M
Improper Certificate Validation
aws-crt Open this link in a new tab <1.8.2 npm 23 Nov 2021
  • M
Improper Certificate Validation
software.amazon.awssdk.crt:aws-crt Open this link in a new tab [,14.0) Maven 23 Nov 2021
  • M
Improper Certificate Validation
awscrt Open this link in a new tab [,0.12.0) pip 23 Nov 2021