Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
phpservermon/phpservermon
<3.3.0
Composer
26 May 2024
H
Server-side Request Forgery (SSRF)
vufind/vufind
>=2.0, <9.1.1
Composer
23 May 2024
H
Server-side Request Forgery (SSRF)
vufind/vufind
>=9.1, <9.1.1
Composer
23 May 2024
H
Incorrect Authorization
silverstripe/cms
>=3.0.0, <=3.0.11
>=3.1.0, <3.1.11
Composer
23 May 2024
M
Cross-site Scripting (XSS)
silverstripe/cms
>=3.1.0, <3.1.10
Composer
23 May 2024
L
Cross-site Scripting (XSS)
silverstripe/admin
>=1.0.3, <1.0.4
>=1.1.0, <1.1.1
Composer
23 May 2024
M
Cross-site Scripting (XSS)
silverstripe/cms
>=3.1.0, <3.1.10
Composer
23 May 2024
M
Improper Authentication
scheb/two-factor-bundle
>=3.0.0, <3.7.0
Composer
22 May 2024
C
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
shopware/shopware
<1.0.8
>=4.0.0, <5.2.15
Composer
22 May 2024
C
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
shopware/shopware
>=4.2.0, <5.2.25
Composer
22 May 2024
C
Injection
shopware/shopware
<5.2.16
Composer
22 May 2024
M
Open Redirect
oro/crm
>=1.7.0, <1.7.4
Composer
21 May 2024
M
URL Redirection to Untrusted Site ('Open Redirect')
oro/platform
>=1.7.0, <1.7.4
Composer
21 May 2024
M
Violation of Secure Design Principles
passbolt/passbolt_api
<2.11.0
Composer
21 May 2024
M
Improper Neutralization of Server-Side Includes Within a Web Page
verbb/formie
<2.1.6
Composer
21 May 2024
H
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ezsystems/ezpublish-legacy
>=2011.0.0, <2017.12.2.1
>=5.3.0, <5.3.12.3
>=5.4.0, <5.4.11.3
Composer
20 May 2024
M
Improper Authorization
friendsofsymfony/user-bundle
>=1.2.0, <1.2.1
Composer
20 May 2024
H
Improper Verification of Cryptographic Signature
namshi/jose
<2.2.0
Composer
19 May 2024
C
External Control of Assumed-Immutable Web Parameter
joomla/input
>=2.0.0, <2.0.2
Composer
17 May 2024
M
URL Redirection to Untrusted Site ('Open Redirect')
friendsofsymfony/oauth2-php
<1.3.0
Composer
17 May 2024
M
Incorrect Permission Assignment for Critical Resource
datadog/dd-trace
>=0.30.0, <0.30.2
Composer
17 May 2024
C
Improper Input Validation
contao/core
>=2.0.0, <2.11.17
>=3.0.0, <3.2.9
Composer
17 May 2024
H
Weak Password Recovery Mechanism for Forgotten Password
cartalyst/sentry
>=0.0.0
Composer
16 May 2024
H
Directory Traversal
getgrav/grav
<1.7.46
Composer
16 May 2024
H
SQL Injection
adodb/adodb-php
<5.20.11
Composer
16 May 2024
M
Insufficient Session Expiration
reportico-web/reportico
>=0.0.0
Composer
15 May 2024
M
Exposure of Sensitive Information to an Unauthorized Actor
prestashop/prestashop
>=8.1.5, <8.1.6
Composer
15 May 2024
C
Cross-site Scripting (XSS)
prestashop/prestashop
>=8.1.0, <8.1.6
Composer
15 May 2024
C
Use of Password Hash With Insufficient Computational Effort
php-censor/php-censor
>=2.1.4, <2.1.5
Composer
15 May 2024
C
Unrestricted Upload of File with Dangerous Type
cockpit-hq/cockpit
<2.7.0
Composer
15 May 2024
