Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Improper Neutralization of Special Elements
ch.qos.logback:logback-classic[,1.5.13)Maven20 Dec 2024
  • M
Improper Neutralization of Special Elements
ch.qos.logback:logback-core[,1.5.13)Maven20 Dec 2024
  • L
Server-side Request Forgery (SSRF)
ch.qos.logback:logback-core[,1.5.13)Maven20 Dec 2024
  • M
Cross-site Scripting (XSS)
com.liferay:com.liferay.portal.security.service.access.policy.web[,5.0.25)Maven20 Dec 2024
  • M
Cross-site Scripting (XSS)
com.liferay:com.liferay.oauth2.provider.scope.impl[,4.0.25)Maven20 Dec 2024
  • M
Cross-site Scripting (XSS)
com.liferay:com.liferay.dispatch.web[,3.0.40)Maven19 Dec 2024
  • H
Incorrect Implementation of Authentication Algorithm
org.apache.kafka:kafka-clients[0.10.2.0, 3.7.2)[3.8.0, 3.8.1)Maven18 Dec 2024
  • C
Time-of-check Time-of-use (TOCTOU) Race Condition
org.apache.tomcat.embed:tomcat-embed-core[9.0.0.M1,9.0.98)[10.1.0-M1,10.1.34)[11.0.0-M1,11.0.2)Maven18 Dec 2024
  • C
Time-of-check Time-of-use (TOCTOU) Race Condition
org.apache.tomcat:tomcat-catalina[9.0.0.M1,9.0.98)[10.1.0-M1,10.1.34)[11.0.0-M1,11.0.2)Maven18 Dec 2024
  • M
Incorrect Authorization
org.elasticsearch:elasticsearch[8.16.0,8.16.2)Maven18 Dec 2024
  • M
Information Exposure
org.geoserver.web:gs-web-core[2.0.0,2.25.1)Maven17 Dec 2024
  • M
Cross-site Scripting (XSS)
org.webjars.bowergithub.basecamp:trix[0,]Maven17 Dec 2024
  • M
Cross-site Scripting (XSS)
org.webjars.npm:trix[0,]Maven17 Dec 2024
  • M
Improper Input Validation
org.webjars.npm:nanoid[,3.3.8)[4.0.0,5.0.9)Maven17 Dec 2024
  • H
XML External Entity (XXE) Injection
org.fhir:ucum[,1.0.9)Maven15 Dec 2024
  • C
XML External Entity (XXE) Injection
org.http4k:http4k-format-xml[,4.50.0.0)[5.0.0.0, 5.40.0.0)Maven13 Dec 2024
  • H
Static Code Injection
org.xwiki.platform:xwiki-platform-help-ui[,16.6.0-rc-1)Maven13 Dec 2024
  • M
Missing Authorization
org.xwiki.platform:xwiki-platform-scheduler-ui[4.2-rc-1,15.10.9)[16.0.0-rc-1, 16.4.0-rc-1)Maven13 Dec 2024
  • M
Missing Authorization
org.xwiki.platform:xwiki-platform-administration-ui[4.2-rc-1,15.10.9)[16.0.0-rc-1, 16.4.0-rc-1)Maven13 Dec 2024
  • H
Information Exposure
io.undertow:undertow-core[2.2.0.Final,]Maven13 Dec 2024
  • H
Improper Encoding or Escaping of Output
org.xwiki.platform:xwiki-platform-web-templates[11.10.6,13.10.5)[14.0-rc-1,14.3-rc-1)Maven13 Dec 2024
  • C
Incorrect Authorization
org.xwiki.platform:xwiki-platform-repository-server-ui[,15.10.9)[16.0.0-rc-1,16.3.0)Maven13 Dec 2024
  • H
Prototype Pollution
org.webjars.npm:angular-expressions[0,]Maven12 Dec 2024
  • H
HTTP Request Smuggling
io.quarkus.http:quarkus-http-core[,5.3.4)Maven12 Dec 2024
  • H
XML External Entity (XXE) Injection
com.liferay:com.liferay.portal.tools.wsdd.builder[,1.0.14)Maven12 Dec 2024
  • H
Use of Password Hash With Insufficient Computational Effort
com.liferay.portal:portal-impl[0,]Maven12 Dec 2024
  • M
Cross-site Scripting (XSS)
com.liferay:com.liferay.portal.security.antisamy[,6.0.18)Maven12 Dec 2024
  • C
Remote Code Execution (RCE)
org.apache.struts:struts2-core[,7.0.0)Maven12 Dec 2024
  • L
Insufficient Verification of Data Authenticity
org.wildfly:wildfly-elytron-oidc-client-subsystem[0,]Maven11 Dec 2024
  • M
Use of Cache Containing Sensitive Information
io.ktor:ktor-client-core-jvm[,2.3.13)[3.0.0-beta-1,3.0.0-rc-2)Maven9 Dec 2024