Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • L
Incorrect Authorization		com.liferay:com.liferay.comment.web[,6.1.4)Maven17 Sept 2025
  • M
Missing Authorization		com.liferay:com.liferay.organizations.item.selector.web[,4.0.22)Maven17 Sept 2025
  • M
Open Redirect		com.liferay.portal:com.liferay.portal.impl[,93.0.0)Maven17 Sept 2025
  • M
Cross-site Scripting (XSS)		com.liferay:com.liferay.object.web[,1.0.194)Maven17 Sept 2025
  • M
Cross-site Scripting (XSS)		com.liferay:com.liferay.dynamic.data.mapping.form.field.type[,6.0.161)Maven17 Sept 2025
  • C
Arbitrary Command Injection		codeceptjs<3.7.5npm17 Sept 2025
  • H
Out-of-bounds Read		fast-able<1.13.7Cargo17 Sept 2025
  • H
Deserialization of Untrusted Data		picklescan[,0.0.31)pip17 Sept 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki>=0.0.0Composer17 Sept 2025
  • H
Use of Hard-coded Cryptographic Key		hmailserver/hmailserver[5.6.8,]Unmanaged (C/C++)17 Sept 2025
  • H
Use of Weak Hash		hmailserver/hmailserver[5.6.8,]Unmanaged (C/C++)17 Sept 2025
  • H
Arbitrary Code Injection		github.com/tmc/langchaingo/prompts/internal/loader<0.1.14-pre.0Go17 Sept 2025
  • H
Arbitrary Code Injection		github.com/tmc/langchaingo/prompts<0.1.14-pre.0Go17 Sept 2025
  • M
Allocation of Resources Without Limits or Throttling		go.temporal.io/server/common/authorization<1.26.3>=1.27.0 <1.27.3>=1.28.0 <1.28.1Go17 Sept 2025
  • H
Arbitrary Code Injection		@anthropic-ai/claude-code<1.0.105npm17 Sept 2025
  • H
Timing Attack		com.ongres.scram:scram-common[,3.2)Maven17 Sept 2025
  • M
Use of Uninitialized Resource		fuser>=0.5.0 <0.16.0Cargo17 Sept 2025
  • M
SQL Injection		github.com/lostvip-com/ruoyi-go/modules/system/dao>=0.0.0Go17 Sept 2025
  • L
Missing Report of Error Condition		EVerest/libocpp[,0.26.2)Unmanaged (C/C++)17 Sept 2025
  • M
Cross-site Scripting (XSS)		com.liferay:com.liferay.users.admin.web[0,]Maven17 Sept 2025
  • M
Cross-site Scripting (XSS)		com.liferay:com.liferay.portal.settings.web[,5.0.53)Maven17 Sept 2025
  • M
Deserialization of Untrusted Data		sglang[0.4.5.post1,]pip17 Sept 2025
  • H
Deserialization of Untrusted Data		org.apache.fory:fory-core[,0.12.2)Maven17 Sept 2025
  • M
Arbitrary Command Injection		mcp-kubernetes-server[0,]pip17 Sept 2025
  • M
Command Injection		mcp-kubernetes-server[0,]pip17 Sept 2025
  • H
Cross-site Request Forgery (CSRF)		github.com/knadh/listmonk/cmd>=0.0.0Go17 Sept 2025
  • C
SQL Injection		github.com/prest/prest/v2/adapters/postgres<2.0.0-rc3Go17 Sept 2025
  • C
SQL Injection		github.com/prest/prest/adapters/postgres<2.0.0-rc3Go17 Sept 2025
  • M
Information Exposure		github.com/runatlantis/atlantis/server/controllers>=0.0.0Go17 Sept 2025
  • C
Deserialization of Untrusted Data		llamafactory[0,]pip17 Sept 2025