Developer Tools
Snyk Learn
Snyk Advisor
Code Checker
About Snyk
Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
Expand this section
APPLICATION
Cargo
cocoapods
Composer
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
Expand this section
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
H
XML External Entity (XXE) Injection
laravel/laravel
>=0.0.0
Composer
23 Jul 2024
M
Cross-site Scripting (XSS)
wikibase/wikibase
>=0.0.0
Composer
23 Jul 2024
M
Cross-site Scripting (XSS)
wikibase/wikibase
>=0.0.0
Composer
23 Jul 2024
M
Cross-site Scripting (XSS)
backdrop/backdrop
>=0.0.0
Composer
22 Jul 2024
M
SQL Injection
limesurvey/limesurvey
>=0.0.0
Composer
21 Jul 2024
M
Incorrect Authorization
silverstripe/reports
<5.2.3
Composer
18 Jul 2024
M
Cross-site Scripting (XSS)
silverstripe/framework
<5.2.16
Composer
18 Jul 2024
M
Information Exposure
sylius/sylius
<1.12.19
>=1.13.0, <1.13.4
Composer
18 Jul 2024
M
Cross-site Scripting (XSS)
lizhipay/acg-faka
>=0.0.0
Composer
18 Jul 2024
H
Improper Neutralization of Special Elements Used in a Template Engine
opencart/opencart
>=0.0.0
Composer
18 Jul 2024
C
Deserialization of Untrusted Data
torrentpier/torrentpier
>=0.0.0, <v2.4.4
Composer
16 Jul 2024
M
Observation of Data to Infer Information
web-auth/webauthn-symfony-bundle
>=4.5.0, <4.9.0
Composer
16 Jul 2024
M
Cross-site Scripting (XSS)
auth0/wordpress
<4.6.1
Composer
12 Jul 2024
H
Remote Code Execution (RCE)
glpi/glpi
>=0.85, <10.0.16
Composer
11 Jul 2024
H
SQL Injection
glpi/glpi
>=0.84, <10.0.16
Composer
11 Jul 2024
M
Improper Access Control
glpi/glpi
>=0.85, <10.0.16
Composer
11 Jul 2024
M
Improper Access Control
ssddanbrown/bookstack
<24.5.1
Composer
11 Jul 2024
M
Authentication Bypass by Primary Weakness
privatebin/privatebin
>=1.5.0, <1.7.4
Composer
10 Jul 2024
M
Cross-Site Request Forgery (CSRF)
limesurvey/limesurvey
<6.5.14
Composer
10 Jul 2024
M
SQL Injection
egroupware/egroupware
<23.1.20240624
Composer
8 Jul 2024
M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
mediawiki/metrolook-skin
>0.0.0
Composer
8 Jul 2024
M
Cross-site Request Forgery (CSRF)
shopxo/shopxo
>=0.0.0
Composer
8 Jul 2024
M
Exposure of Data Element to Wrong Session
aimeos/ai-controller-frontend
<2020.10.15
>=2021.4.1, <2021.10.8
>=2022.4.1, <2022.10.8
>=2023.4.1, <2023.10.9
Composer
5 Jul 2024
H
Insufficient Granularity of Access Control
aimeos/ai-admin-jsonadm
<2020.10.13
>=2021.4.1, <2021.10.6
>=2022.4.1, <2022.10.3
>=2023.4.1, <2023.10.4
>=2024.4.1, <2024.4.2
Composer
5 Jul 2024
M
Insufficient Granularity of Access Control
aimeos/ai-admin-graphql
<2022.10.10
>=2023.4.1, <2023.10.6
>=2024.4.1, <2024.4.2
Composer
5 Jul 2024
H
Insufficient Granularity of Access Control
aimeos/ai-admin-graphql
<2022.10.10
>=2023.4.1, <2023.10.6
>=2024.4.1, <2024.4.6
Composer
5 Jul 2024
M
Cross-site Scripting (XSS)
coderberg/residence-cms
<2.10.2
Composer
3 Jul 2024
H
Improper Certificate Validation
phpseclib/phpseclib
<1.0.22
>=2.0.0, <2.0.46
>=3.0.0, <3.0.33
Composer
28 Jun 2024
H
SQL Injection
craftcms/cms
<3.7.32
Composer
27 Jun 2024
M
URL Redirection to Untrusted Site ('Open Redirect')
october/october
>=3.2.0, <3.6.0
Composer
27 Jun 2024