Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
M
Improper Neutralization of Special Elements
ch.qos.logback:logback-classic
[,1.5.13)
Maven
20 Dec 2024
M
Improper Neutralization of Special Elements
ch.qos.logback:logback-core
[,1.5.13)
Maven
20 Dec 2024
L
Server-side Request Forgery (SSRF)
ch.qos.logback:logback-core
[,1.5.13)
Maven
20 Dec 2024
M
Cross-site Scripting (XSS)
com.liferay:com.liferay.portal.security.service.access.policy.web
[,5.0.25)
Maven
20 Dec 2024
M
Cross-site Scripting (XSS)
com.liferay:com.liferay.oauth2.provider.scope.impl
[,4.0.25)
Maven
20 Dec 2024
M
Cross-site Scripting (XSS)
com.liferay:com.liferay.dispatch.web
[,3.0.40)
Maven
19 Dec 2024
H
Incorrect Implementation of Authentication Algorithm
org.apache.kafka:kafka-clients
[0.10.2.0, 3.7.2)
[3.8.0, 3.8.1)
Maven
18 Dec 2024
C
Time-of-check Time-of-use (TOCTOU) Race Condition
org.apache.tomcat.embed:tomcat-embed-core
[9.0.0.M1,9.0.98)
[10.1.0-M1,10.1.34)
[11.0.0-M1,11.0.2)
Maven
18 Dec 2024
C
Time-of-check Time-of-use (TOCTOU) Race Condition
org.apache.tomcat:tomcat-catalina
[9.0.0.M1,9.0.98)
[10.1.0-M1,10.1.34)
[11.0.0-M1,11.0.2)
Maven
18 Dec 2024
M
Incorrect Authorization
org.elasticsearch:elasticsearch
[8.16.0,8.16.2)
Maven
18 Dec 2024
M
Information Exposure
org.geoserver.web:gs-web-core
[2.0.0,2.25.1)
Maven
17 Dec 2024
M
Cross-site Scripting (XSS)
org.webjars.bowergithub.basecamp:trix
[0,]
Maven
17 Dec 2024
M
Cross-site Scripting (XSS)
org.webjars.npm:trix
[0,]
Maven
17 Dec 2024
M
Improper Input Validation
org.webjars.npm:nanoid
[,3.3.8)
[4.0.0,5.0.9)
Maven
17 Dec 2024
H
XML External Entity (XXE) Injection
org.fhir:ucum
[,1.0.9)
Maven
15 Dec 2024
C
XML External Entity (XXE) Injection
org.http4k:http4k-format-xml
[,4.50.0.0)
[5.0.0.0, 5.40.0.0)
Maven
13 Dec 2024
H
Static Code Injection
org.xwiki.platform:xwiki-platform-help-ui
[,16.6.0-rc-1)
Maven
13 Dec 2024
M
Missing Authorization
org.xwiki.platform:xwiki-platform-scheduler-ui
[4.2-rc-1,15.10.9)
[16.0.0-rc-1, 16.4.0-rc-1)
Maven
13 Dec 2024
M
Missing Authorization
org.xwiki.platform:xwiki-platform-administration-ui
[4.2-rc-1,15.10.9)
[16.0.0-rc-1, 16.4.0-rc-1)
Maven
13 Dec 2024
H
Information Exposure
io.undertow:undertow-core
[2.2.0.Final,]
Maven
13 Dec 2024
H
Improper Encoding or Escaping of Output
org.xwiki.platform:xwiki-platform-web-templates
[11.10.6,13.10.5)
[14.0-rc-1,14.3-rc-1)
Maven
13 Dec 2024
C
Incorrect Authorization
org.xwiki.platform:xwiki-platform-repository-server-ui
[,15.10.9)
[16.0.0-rc-1,16.3.0)
Maven
13 Dec 2024
H
Prototype Pollution
org.webjars.npm:angular-expressions
[0,]
Maven
12 Dec 2024
H
HTTP Request Smuggling
io.quarkus.http:quarkus-http-core
[,5.3.4)
Maven
12 Dec 2024
H
XML External Entity (XXE) Injection
com.liferay:com.liferay.portal.tools.wsdd.builder
[,1.0.14)
Maven
12 Dec 2024
H
Use of Password Hash With Insufficient Computational Effort
com.liferay.portal:portal-impl
[0,]
Maven
12 Dec 2024
M
Cross-site Scripting (XSS)
com.liferay:com.liferay.portal.security.antisamy
[,6.0.18)
Maven
12 Dec 2024
C
Remote Code Execution (RCE)
org.apache.struts:struts2-core
[,7.0.0)
Maven
12 Dec 2024
L
Insufficient Verification of Data Authenticity
org.wildfly:wildfly-elytron-oidc-client-subsystem
[0,]
Maven
11 Dec 2024
M
Use of Cache Containing Sensitive Information
io.ktor:ktor-client-core-jvm
[,2.3.13)
[3.0.0-beta-1,3.0.0-rc-2)
Maven
9 Dec 2024