Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
H
Improper Neutralization of Special Elements Used in a Template Engine
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Improper Neutralization of Special Elements Used in a Template Engine
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Directory Traversal
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Arbitrary Code Injection
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Arbitrary Code Injection
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Incorrect Privilege Assignment
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Information Exposure
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
M
Directory Traversal
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
M
Uncaught Exception
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
H
Directory Traversal
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
M
Authorization Bypass Through User-Controlled Key
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
M
Denial of Service (DoS)
getgrav/grav
<1.8.0-beta.27
Composer
2 Dec 2025
M
Cross-site Scripting (XSS)
redaxo/source
<5.20.1
Composer
27 Nov 2025
H
Arbitrary Code Injection
redaxo/source
<5.20.1
Composer
27 Nov 2025
M
Cross-site Scripting (XSS)
redaxo/source
<5.20.1
Composer
27 Nov 2025
L
Cross-site Scripting (XSS)
contao/core-bundle
>=4.0.0, <4.13.57
>=5.0.0-RC1, <5.3.42
>=5.4.0-RC1, <5.6.5
Composer
27 Nov 2025
H
Insufficient Type Distinction
contao/core-bundle
<4.13.57
>=5.0.0-RC1, <5.3.42
>=5.4.0-RC1, <5.6.5
Composer
27 Nov 2025
M
Cross-site Scripting (XSS)
getformwork/formwork
<2.2.0
Composer
26 Nov 2025
M
Infinite loop
limesurvey/limesurvey
<6.14.1
Composer
21 Nov 2025
M
Infinite loop
limesurvey/limesurvey
<6.14.2
Composer
21 Nov 2025
M
Information Exposure
limesurvey/limesurvey
<6.15.0
Composer
21 Nov 2025
H
SQL Injection
devcode-it/openstamanager
<2.9.5
Composer
20 Nov 2025
M
Expired Pointer Dereference
mongodb/mongodb-extension
>=1.20.0, <1.21.2
Composer
20 Nov 2025
L
User Interface (UI) Misrepresentation of Critical Information
drupal/core
>=8.0.0, <10.4.9
>=10.5.0, <10.5.6
>=11.0.0, <11.1.9
>=11.2.0, <11.2.8
Composer
20 Nov 2025
L
Use of Web Browser Cache Containing Sensitive Information
drupal/core
>=8.0.0, <10.4.9
>=10.5.0, <10.5.6
>=11.0.0, <11.1.9
>=11.2.0, <11.2.8
Composer
20 Nov 2025
H
Deserialization of Untrusted Data
drupal/core
>=8.0.0, <10.4.9
>=10.5.0, <10.5.6
>=11.0.0, <11.1.9
>=11.2.0, <11.2.8
Composer
20 Nov 2025
M
Improper Check for Unusual or Exceptional Conditions
drupal/core
>=8.0.0, <10.4.9
>=10.5.0, <10.5.6
>=11.0.0, <11.1.9
>=11.2.0, <11.2.8
Composer
20 Nov 2025
H
HTTP Header Injection
backdrop/backdrop
>=0.0.0
Composer
19 Nov 2025
L
Cross-site Scripting (XSS)
privatebin/privatebin
>=1.7.7, <2.0.3
Composer
19 Nov 2025
M
Cross-site Scripting (XSS)
ph7software/ph7builder
>=0.0.0
Composer
19 Nov 2025
