Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
C Brute Force	magento/community-edition<2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2	Composer	9 Nov 2025
M Cross-site Scripting (XSS)	magento/community-edition<2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2	Composer	9 Nov 2025
H Cross-site Scripting (XSS)	magento/community-edition<2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2	Composer	9 Nov 2025
M Deserialization of Untrusted Data	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
C Arbitrary File Upload	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
H Arbitrary File Upload	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
H Command Injection	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
C Arbitrary File Upload	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
H Arbitrary File Upload	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
C XML Injection	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
M Cross-site Scripting (XSS)	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
C XML Injection	magento/community-edition<2.3.7-p1>=2.4.0, <2.4.2-p2	Composer	9 Nov 2025
M Command Injection	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2	Composer	7 Nov 2025
M Cross-site Scripting (XSS)	alexusmai/laravel-file-manager>=1.0.0	Composer	7 Nov 2025
M Arbitrary File Upload	snipe/snipe-it<8.3.3	Composer	6 Nov 2025
M Cross-site Scripting (XSS)	openmage/magento-lts<20.16.0	Composer	4 Nov 2025
M Cross-site Scripting (XSS)	getgrav/grav>=0.0.0	Composer	4 Nov 2025
M Insufficient Verification of Data Authenticity	mantisbt/mantisbt<2.27.2	Composer	4 Nov 2025
M Improper Authorization	mantisbt/mantisbt<2.27.2	Composer	4 Nov 2025
H Allocation of Resources Without Limits or Throttling	mantisbt/mantisbt<2.27.2	Composer	4 Nov 2025
H Incorrect Comparison	mantisbt/mantisbt<2.27.2	Composer	4 Nov 2025
H Cross-site Scripting (XSS)	statamic/cms<5.22.1	Composer	31 Oct 2025
M Cross-site Scripting (XSS)	privatebin/privatebin>=1.7.7, <1.7.9>=2.0.0, <2.0.2	Composer	29 Oct 2025
H Arbitrary File Upload	alexusmai/laravel-file-manager>=1.0.0	Composer	29 Oct 2025
M Cross-site Scripting (XSS)	code16/sharp<9.11.1	Composer	29 Oct 2025
M Weak Password Requirements	microweber/microweber>=2.0.0	Composer	26 Oct 2025
L Cross-site Scripting (XSS)	wikibase-solutions/cookie-consent<2.0.0	Composer	24 Oct 2025
H Brute Force	moodle/moodle<4.1.21>=4.4.0-beta, <4.4.11>=4.5.0-beta, <4.5.7>=5.0.0-beta, <5.0.3	Composer	24 Oct 2025
M Incorrect Authorization	moodle/moodle>=4.5.0-beta, <4.5.7>=5.0.0-beta, <5.0.3	Composer	24 Oct 2025
M Improper Authorization	moodle/moodle<4.1.21>=4.4.0-beta, <4.4.11>=4.5.0-beta, <4.5.7>=5.0.0-beta, <5.0.3	Composer	24 Oct 2025

APPLICATION

OPERATING SYSTEM