Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Cross-Site Request Forgery (CSRF)CVE-2025-49555
Affects magento/community-edition | Versions <2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1
Has fix
ComposerPublished 5 Sept 2025
  • H
Improper Input ValidationCVE-2025-49554
Affects magento/community-edition | Versions <2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1
Has fix
ComposerPublished 5 Sept 2025
  • H
Cross-site Scripting (XSS)CVE-2025-49557
Affects magento/community-edition | Versions <2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1
Has fix
ComposerPublished 5 Sept 2025
  • H
Unverified OwnershipCVE-2025-9822
Affects mautic/core-lib | Versions <5.2.8>=6.0.0-alpha, <6.0.5
Has fix
ComposerPublished 3 Sept 2025
  • M
Observable Response DiscrepancyCVE-2025-9824
Affects mautic/core-lib | Versions <5.2.8>=6.0.0-alpha, <6.0.5
Has fix
ComposerPublished 3 Sept 2025
  • M
Server-side Request Forgery (SSRF)CVE-2025-9821
Affects mautic/core-lib | Versions <5.2.8>=6.0.0-alpha, <6.0.5
Has fix
ComposerPublished 3 Sept 2025
  • L
Improper Restriction of Rendered UI Layers or FramesCVE-2025-41000
Affects boomcms/boom-core | Versions >=0.0.0
Has fix
ComposerPublished 3 Sept 2025
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2014-125127
Affects mikecao/flight | Versions <1.2
Has fix
ComposerPublished 3 Sept 2025
  • C
Deserialization of Untrusted DataCVE-2025-25691
Affects prestashop/prestashop | Versions <8.2.1
Has fix
ComposerPublished 3 Sept 2025
  • M
Incorrect AuthorizationCVE-2025-57759
Affects contao/core-bundle | Versions >=5.3.0, <5.3.38>=5.4.0-RC1, <5.6.1
Has fix
ComposerPublished 29 Aug 2025
  • M
Incorrect AuthorizationCVE-2025-57756
Affects contao/core-bundle | Versions >=4.9.14, <4.13.56>=5.0.0-RC1, <5.3.38>=5.4.0-RC1, <5.6.1
Has fix
ComposerPublished 29 Aug 2025
  • M
Incorrect AuthorizationCVE-2025-57757
Affects contao/comments-bundle | Versions >=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1
Has fix
ComposerPublished 29 Aug 2025
  • M
Incorrect AuthorizationCVE-2025-57758
Affects contao/core-bundle | Versions >=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1
Has fix
ComposerPublished 29 Aug 2025
  • M
Cross-site Scripting (XSS)CVE-2025-51487
Affects moonshine/moonshine | Versions >=0.0.0, <3.12.6
Has fix
ComposerPublished 28 Aug 2025
  • H
Arbitrary Code InjectionCVE-2025-57811
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.5>=5.0.0-RC1, <5.8.7
Has fix
ComposerPublished 28 Aug 2025
  • M
Unrestricted Upload of File with Dangerous TypeCVE-2025-51489
Affects moonshine/moonshine | Versions <3.12.5
Has fix
ComposerPublished 28 Aug 2025
  • H
SQL InjectionCVE-2025-50383
Affects alextselegidis/easyappointments | Versions >=0.0.0, <1.5.2
Has fix
ComposerPublished 28 Aug 2025
  • M
SQL InjectionCVE-2025-51510
Affects lee-to/moonshine-tree-resource | Versions <2.0.2
Has fix
ComposerPublished 28 Aug 2025
  • H
Server-side Request Forgery (SSRF)CVE-2025-54370
Affects phpoffice/phpspreadsheet | Versions <1.30.0>=2.0.0, <2.1.12>=2.2.0, <2.4.0>=3.3.0, <3.10.0>=4.0.0, <5.0.0
Has fix
ComposerPublished 27 Aug 2025
  • C
Arbitrary File UploadCVE-2025-52353
Affects badaso/core | Versions >=1.0.0-alpha.1
Has fix
ComposerPublished 27 Aug 2025
  • M
Cross-site Scripting (XSS)CVE-2025-51488
Affects moonshine/moonshine | Versions <3.12.4
Has fix
ComposerPublished 26 Aug 2025
  • M
CSV InjectionCVE-2025-55745
Affects unopim/unopim | Versions <0.3.1
Has fix
ComposerPublished 25 Aug 2025
  • H
Missing AuthorizationCVE-2025-55741
Affects unopim/unopim | Versions <0.3.1
Has fix
ComposerPublished 25 Aug 2025
  • H
Cross-site Request Forgery (CSRF)CVE-2025-55744
Affects unopim/unopim | Versions <0.2.1
Has fix
ComposerPublished 25 Aug 2025
  • H
Arbitrary File UploadCVE-2025-55743
Affects unopim/unopim | Versions <0.2.1
Has fix
ComposerPublished 25 Aug 2025
  • H
Cross-site Scripting (XSS)CVE-2025-55742
Affects unopim/unopim | Versions <0.2.1
Has fix
ComposerPublished 25 Aug 2025
  • M
Cross-site Scripting (XSS)CVE-2025-55296
Affects librenms/librenms | Versions <25.8.0
Has fix
ComposerPublished 21 Aug 2025
  • M
Server-side Request Forgery (SSRF)CVE-2025-8678
Affects johnbillion/wp-crontrol | Versions >=1.17.0, <1.19.2
Has fix
ComposerPublished 21 Aug 2025
  • M
Cross-site Scripting (XSS)CVE-2025-45893
Affects opencart/opencart | Versions >=2.2.0.0
Has fix
ComposerPublished 20 Aug 2025
  • M
Cross-site Scripting (XSS)CVE-2025-45892
Affects opencart/opencart | Versions >=2.2.0.0
Has fix
ComposerPublished 20 Aug 2025