Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cross-site Request Forgery (CSRF)CVE-2025-3638
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Cross-site Scripting (XSS)CVE-2025-3643
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Incorrect AuthorizationCVE-2025-3645
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Incorrect AuthorizationCVE-2025-3644
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Authorization Bypass Through User-Controlled KeyCVE-2025-3640
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Incorrect AuthorizationCVE-2025-3647
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • H
Arbitrary Code InjectionCVE-2025-3642
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Cross-site Request Forgery (CSRF)CVE-2025-3635
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Improper AuthenticationCVE-2025-3627
Affects moodle/moodle | Versions >=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • M
Authorization Bypass Through User-Controlled KeyCVE-2025-3636
Affects moodle/moodle | Versions >=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 21 May 2025
  • H
Information ExposureCVE-2025-32044
Affects moodle/moodle | Versions >=4.5.0-beta, <4.5.3
Has fix
ComposerPublished 21 May 2025
  • M
Information ExposureCVE-2025-3628
Affects moodle/moodle | Versions >=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 19 May 2025
  • M
Improper AuthenticationCVE-2025-3634
Affects moodle/moodle | Versions >=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4
Has fix
ComposerPublished 19 May 2025
  • M
External Control of Assumed-Immutable Web ParameterCVE-2025-35939
Affects craftcms/cms | Versions <4.15.3>=5.0.0-alpha.1, <5.7.5
Has fix
ComposerPublished 19 May 2025
  • M
Missing AuthorizationCVE-2025-32045
Affects moodle/moodle | Versions >=4.1.0, <4.1.17>=4.3.0-beta, <4.3.11>=4.4.0-beta, <4.4.7>=4.5.0-beta, <4.5.3
Has fix
ComposerPublished 19 May 2025
  • C
Improper AuthenticationCVE-2025-47275
Affects auth0/auth0-php | Versions >=8.0.0-BETA1, <8.14.0
Has fix
ComposerPublished 19 May 2025
  • H
XML External Entity (XXE) InjectionCVE-2025-47778
Affects sulu/sulu | Versions >=2.5.21, <2.5.25>=2.6.5, <2.6.9>=3.0.0-alpha1, <3.0.0-alpha3
Has fix
ComposerPublished 18 May 2025
  • M
Directory TraversalCVE-2025-31493
Affects getkirby/cms | Versions <3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0-alpha.1, <4.7.1
Has fix
ComposerPublished 15 May 2025
  • M
Directory TraversalCVE-2025-30159
Affects getkirby/cms | Versions <3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0-alpha.1, <4.7.1
Has fix
ComposerPublished 15 May 2025
  • L
Directory TraversalCVE-2025-30207
Affects getkirby/cms | Versions <3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0, <4.7.1
Has fix
ComposerPublished 14 May 2025
  • M
Improper Input ValidationCVE-2025-29448
Affects alextselegidis/easyappointments | Versions >=0.0.0, <1.5.2
Has fix
ComposerPublished 13 May 2025
  • H
Improper Neutralization of Special Elements Used in a Template EngineCVE-2025-46731
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.14.13>=5.0.0-RC1, <5.6.15
Has fix
ComposerPublished 12 May 2025
  • M
Insertion of Sensitive Information Into Sent DataCVE-2016-5739
Affects phpmyadmin/phpmyadmin | Versions >=4.0.10, <4.7.0
Has fix
ComposerPublished 12 May 2025
  • M
Cross-site Scripting (XSS)CVE-2016-5733
Affects phpmyadmin/phpmyadmin | Versions >=4.0.10, <4.7.0
Has fix
ComposerPublished 12 May 2025
  • H
Server-side Request Forgery (SSRF)CVE-2016-6621
Affects phpmyadmin/phpmyadmin | Versions >=4.0.0, <4.7.0
Has fix
ComposerPublished 11 May 2025
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CVE-2016-5701
Affects phpmyadmin/phpmyadmin | Versions >=4.0.10, <4.7.0
Has fix
ComposerPublished 9 May 2025
  • C
SQL InjectionCVE-2014-6295
Affects web-tp3/wec_map | Versions <3.3.0
Has fix
ComposerPublished 8 May 2025
  • M
Cross-site Scripting (XSS)CVE-2014-6296
Affects web-tp3/wec_map | Versions <3.3.0
Has fix
ComposerPublished 8 May 2025
  • H
Arbitrary Argument InjectionCVE-2025-32931
Affects tcg/voyager | Versions >=1.0.0
Has fix
ComposerPublished 8 May 2025
  • M
Cross-site Scripting (XSS)CVE-2025-46734
Affects league/commonmark | Versions >=1.5.0, <2.7.0
Has fix
ComposerPublished 6 May 2025