Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
L
Insertion of Sensitive Information into Log File
github.com/richardoc/kube-audit-rest/examples/full-elastic-stack/k8s
<1.0.16
Go
5 Feb 2025
M
User Interface (UI) Misrepresentation of Critical Information
Firefox
[,135)
Unmanaged (C/C++)
5 Feb 2025
M
User Interface (UI) Misrepresentation of Critical Information
thunderbird
[,135)
Unmanaged (C/C++)
5 Feb 2025
H
Race Condition
parallel-ssh
[,2.9.1)
pip
5 Feb 2025
M
Cross-site Scripting (XSS)
open-web-calendar
[,1.45)
pip
5 Feb 2025
H
Out-of-bounds Write
thunderbird
[,115.20)
[128.0,128.7)
[129.0beta,135)
Unmanaged (C/C++)
5 Feb 2025
H
Out-of-bounds Write
Firefox-ESR
[,115.20)
[128,128.7)
Unmanaged (C/C++)
5 Feb 2025
H
Out-of-bounds Write
Firefox
[,135)
Unmanaged (C/C++)
5 Feb 2025
M
HTTP Response Splitting
yhirose/cpp-httplib
[0.17.3,0.18.4)
Unmanaged (C/C++)
5 Feb 2025
M
Cross-site Scripting (XSS)
goauthentik.io/internal/web
<2024.10.3
Go
5 Feb 2025
M
Cross-site Scripting (XSS)
github.com/goauthentik/authentik/internal/web
<2024.10.3
Go
5 Feb 2025
H
Privilege Defined With Unsafe Actions
org.apache.cassandra:cassandra-all
[3.0.0,3.0.31)
[3.1,3.11.18)
[4.0-alpha1,4.0.16)
[4.1-alpha1,4.1.8)
[5.0-alpha1,5.0.3)
Maven
5 Feb 2025
M
Buffer Over-read
hdf5
[,1.10.5)
Unmanaged (C/C++)
5 Feb 2025
H
Incorrect Authorization
org.apache.cassandra:cassandra-all
[4.0.0,4.0.16)
[4.1-alpha1,4.1.8)
[5.0-alpha1,5.0.3)
Maven
5 Feb 2025
H
Man-in-the-Middle (MitM)
org.apache.cassandra:cassandra-all
[4.0.2,4.0.15)
[4.1-alpha1,4.1.8)
[5.0-alpha1,5.0.3)
Maven
5 Feb 2025
L
Files or Directories Accessible to External Parties
sparkle
<2.6.1
cocoapods
5 Feb 2025
L
Files or Directories Accessible to External Parties
github.com/sparkle-project/Sparkle
<2.6.1
Swift
5 Feb 2025
M
Missing Origin Validation in WebSockets
vitest
>=1.0.0 <1.6.1
>=2.0.0 <2.1.9
>=3.0.0 <3.0.5
npm
5 Feb 2025
H
Directory Traversal
vitest
>=2.0.4 <2.1.9
>=3.0.0 <3.0.4
npm
5 Feb 2025
H
User Interface (UI) Misrepresentation of Critical Information
chromium
[,133.0.6943.53)
Unmanaged (C/C++)
5 Feb 2025
H
Use After Free
chromium
[,133.0.6943.53)
Unmanaged (C/C++)
5 Feb 2025
H
Use After Free
chromium
[,133.0.6943.53)
Unmanaged (C/C++)
5 Feb 2025
H
Class Pollution
mesop
[,0.14.1)
pip
4 Feb 2025
H
Directory Traversal
io.kestra:core
[,0.20.0)
Maven
4 Feb 2025
H
Directory Traversal
io.kestra:storage-local
[,0.20.11)
Maven
4 Feb 2025
H
Directory Traversal
io.kestra:core
[,0.20.11)
Maven
4 Feb 2025
M
Insufficient Verification of Data Authenticity
github.com/cometbft/cometbft/types
<0.38.17
>=1.0.0-alpha.1 <1.0.1
Go
4 Feb 2025
H
Directory Traversal
org.gaul:s3proxy
[,2.6.0)
Maven
4 Feb 2025
H
Improper Check or Handling of Exceptional Conditions
github.com/cometbft/cometbft/internal/blocksync
<0.38.17
>=1.0.0-alpha.1 <1.0.1
Go
4 Feb 2025
H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
envapi
<0.2.3
npm
4 Feb 2025
