Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • C
Malicious Package		passkeys-resources-website*npm23 Jan 2025
  • C
Malicious Package		dynatrace_config_manager*npm23 Jan 2025
  • C
Malicious Package		qa-octuple*npm23 Jan 2025
  • C
Malicious Package		angular-blockchain-wallet*npm23 Jan 2025
  • C
Malicious Package		alchemy-web3-webpack-example*npm23 Jan 2025
  • C
Malicious Package		gnosis-twitter-bot*npm23 Jan 2025
  • C
Malicious Package		another-depconf-poc*npm23 Jan 2025
  • C
Malicious Package		fix-this*npm23 Jan 2025
  • C
Malicious Package		1password-sdk-exapmles*npm23 Jan 2025
  • C
Malicious Package		octuple*npm23 Jan 2025
  • C
Malicious Package		text-unicode-webpack*npm23 Jan 2025
  • C
Malicious Package		gatsby-hampton-theme*npm23 Jan 2025
  • C
Malicious Package		groots645-npm-package*npm23 Jan 2025
  • M
Authentication Bypass Using an Alternate Path or Channel		org.keycloak:keycloak-ldap-federation[0,]Maven23 Jan 2025
  • H
Allocation of Resources Without Limits or Throttling		kibana<7.17.23>=8.0.0 <8.14.2npm22 Jan 2025
  • M
Information Exposure		umbraco.cms.api.management[14.0.0,14.3.2)[15.0.0,15.1.2)NuGet22 Jan 2025
  • M
Information Exposure		umbraco.cms.core[14.0.0,14.3.2)[15.0.0,15.1.2)NuGet22 Jan 2025
  • M
Cross-site Scripting (XSS)		phpoffice/phpspreadsheet<1.29.8>=2.2.0, <2.3.6>=2.0.0, <2.1.7>=3.0.0, <3.8.0Composer22 Jan 2025
  • M
Cross-site Scripting (XSS)		umbraco.cms.web.common[10.8.7,10.8.8)[11.0.0,13.5.3)[14.0.0,14.3.2)[15.0.0,15.1.2)NuGet22 Jan 2025
  • H
Arbitrary Code Injection		craftcms/cms>=4.0.0-RC1, <4.13.8>=5.0.0-RC1, <5.5.5Composer22 Jan 2025
  • M
Cross-site Scripting (XSS)		umbraco.cms.staticassets[4.0.0,14.3.2)[15.0.0,15.1.2)NuGet22 Jan 2025
  • M
Cross-site Scripting (XSS)		@umbraco-cms/backoffice>=14.0.0 <14.3.2>=15.0.0 <15.1.2npm22 Jan 2025
  • M
Cross-site Scripting (XSS)		org.apache.ranger:security-admin-web[,2.5.0)Maven22 Jan 2025
  • H
Server-side Request Forgery (SSRF)		org.apache.ranger:security-admin-web[,2.5.0)Maven22 Jan 2025
  • H
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)		org.apache.ambari:ambari-agent[0,]Maven22 Jan 2025
  • H
XML External Entity (XXE) Injection		org.apache.ambari.contrib.views:wfmanager[0,]Maven22 Jan 2025
  • H
Arbitrary Command Injection		org.apache.ambari:ambari-server[0,]Maven22 Jan 2025
  • H
Cross-site Request Forgery (CSRF)		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • C
SQL Injection		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • M
Improper Preservation of Consistency Between Independent Representations of Shared State		johnpbloch/wordpress-core>=4.7.0, <4.7.27>=4.8.0, <4.8.23>=4.9.0, <4.9.24>=5.0.0, <5.0.20>=5.1.0, <5.1.17>=5.2.0, <5.2.19>=5.3.0, <5.3.16>=5.4.0, <5.4.14>=5.5.0, <5.5.13>=5.6.0, <5.6.12>=5.7.0, <5.7.10>=5.8.0, <5.8.8>=5.9.0, <5.9.8>=6.0.0, <6.0.6>=6.1.0, <6.1.4>=6.2.0, <6.2.3>=6.3.0, <6.3.2Composer22 Jan 2025