Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Premature Release of Resource During Expected LifetimeCVE-2024-39407
Affects magento/community-edition | Versions <2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2
Has fix
ComposerPublished 9 Nov 2025
  • H
Directory TraversalCVE-2024-39399
Affects magento/community-edition | Versions <2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2
Has fix
ComposerPublished 9 Nov 2025
  • C
Brute ForceCVE-2024-39398
Affects magento/community-edition | Versions <2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2
Has fix
ComposerPublished 9 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2024-39403
Affects magento/community-edition | Versions <2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2
Has fix
ComposerPublished 9 Nov 2025
  • H
Cross-site Scripting (XSS)CVE-2024-39400
Affects magento/community-edition | Versions <2.4.4-p10>=2.4.5, <2.4.5-p9>=2.4.6, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2
Has fix
ComposerPublished 9 Nov 2025
  • M
Deserialization of Untrusted DataCVE-2021-36025
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • C
Arbitrary File UploadCVE-2021-36042
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • H
Arbitrary File UploadCVE-2021-36041
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • H
Command InjectionCVE-2021-36024
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • C
Arbitrary File UploadCVE-2021-36040
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • H
Arbitrary File UploadCVE-2021-36034
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • C
XML InjectionCVE-2021-36033
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2021-36027
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • C
XML InjectionCVE-2021-36023
Affects magento/community-edition | Versions <2.3.7-p1>=2.4.0, <2.4.2-p2
Has fix
ComposerPublished 9 Nov 2025
  • M
Command InjectionCVE-2024-39401
Affects magento/community-edition | Versions <2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-beta1, <2.4.7-p2
Has fix
ComposerPublished 7 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2025-63307
Affects alexusmai/laravel-file-manager | Versions >=1.0.0
Has fix
ComposerPublished 7 Nov 2025
  • M
Arbitrary File UploadCVE-2025-63601
Affects snipe/snipe-it | Versions <8.3.3
Has fix
ComposerPublished 6 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2025-64174
Affects openmage/magento-lts | Versions <20.16.0
Has fix
ComposerPublished 4 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2025-63593
Affects getgrav/grav | Versions >=0.0.0
Has fix
ComposerPublished 4 Nov 2025
  • M
Insufficient Verification of Data AuthenticityCVE-2025-55155
Affects mantisbt/mantisbt | Versions <2.27.2
Has fix
ComposerPublished 4 Nov 2025
  • M
Improper AuthorizationCVE-2025-62520
Affects mantisbt/mantisbt | Versions <2.27.2
Has fix
ComposerPublished 4 Nov 2025
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2025-46556
Affects mantisbt/mantisbt | Versions <2.27.2
Has fix
ComposerPublished 4 Nov 2025
  • H
Incorrect ComparisonCVE-2025-47776
Affects mantisbt/mantisbt | Versions <2.27.2
Has fix
ComposerPublished 4 Nov 2025
  • H
Cross-site Scripting (XSS)CVE-2025-64112
Affects statamic/cms | Versions <5.22.1
Has fix
ComposerPublished 31 Oct 2025
  • M
Cross-site Scripting (XSS)CVE-2025-62796
Affects privatebin/privatebin | Versions >=1.7.7, <1.7.9>=2.0.0, <2.0.2
Has fix
ComposerPublished 29 Oct 2025
  • H
Arbitrary File UploadCVE-2025-56399
Affects alexusmai/laravel-file-manager | Versions >=1.0.0
Has fix
ComposerPublished 29 Oct 2025
  • M
Cross-site Scripting (XSS)CVE-2025-62798
Affects code16/sharp | Versions <9.11.1
Has fix
ComposerPublished 29 Oct 2025
  • M
Weak Password RequirementsCVE-2025-60954
Affects microweber/microweber | Versions >=2.0.0
Has fix
ComposerPublished 26 Oct 2025
  • L
Cross-site Scripting (XSS)CVE-2025-62659
Affects wikibase-solutions/cookie-consent | Versions <2.0.0
Has fix
ComposerPublished 24 Oct 2025
  • H
Brute ForceCVE-2025-62399
Affects moodle/moodle | Versions <4.1.21>=4.4.0-beta, <4.4.11>=4.5.0-beta, <4.5.7>=5.0.0-beta, <5.0.3
Has fix
ComposerPublished 24 Oct 2025