Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Insertion of Sensitive Information into Log File		org.infinispan:infinispan-core[,14.0.34.Final)[15.0.0.CR1,15.0.13.Final)[15.1.0.Dev01,15.1.5.Final)Maven28 Jan 2025
  • M
Deserialization of Untrusted Data		com.ruoyi:ruoyi-quartz[0,]Maven28 Jan 2025
  • M
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)		org.apache.cocoon:cocoon-sitemap-impl[0,]Maven28 Jan 2025
  • H
Timing Attack		org.apache.hive:hive-llap-common[,4.0.0)Maven28 Jan 2025
  • H
Execution with Unnecessary Privileges		org.apache.solr:solr-core[,9.8.0)Maven27 Jan 2025
  • M
Arbitrary File Write via Archive Extraction (Zip Slip)		org.apache.solr:solr-core[6.6,9.8.0)Maven27 Jan 2025
  • M
Cross-site Request Forgery (CSRF)		org.apache.storm:storm-core[,0.10.0-beta)Maven27 Jan 2025
  • L
HTTP Response Splitting		org.glassfish.grizzly:grizzly-bom[,4.0.0.payara-p2)Maven27 Jan 2025
  • M
Signed to Unsigned Conversion Error		org.graalvm.sdk:graal-sdk[,20.3.17)[21.0.0,21.3.13)Maven27 Jan 2025
  • M
Information Exposure		org.hl7.fhir.publisher:org.hl7.fhir.publisher.core[,1.8.9)Maven26 Jan 2025
  • M
Information Exposure		org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli[,1.8.9)Maven26 Jan 2025
  • H
XML External Entity (XXE) Injection		org.hl7.fhir.publisher:org.hl7.fhir.publisher.core[,1.7.4)Maven26 Jan 2025
  • H
Allocation of Resources Without Limits or Throttling		org.apache.wicket:wicket-core[7.0.0-M1,9.19.0)[10.0.0-M1,10.3.0)Maven24 Jan 2025
  • M
Credential Exposure		io.jenkins.plugins:zoom[,1.4)Maven23 Jan 2025
  • L
Insufficiently Protected Credentials		io.jenkins.plugins:zoom[,1.6)Maven23 Jan 2025
  • M
Cross-site Request Forgery (CSRF)		org.jenkins-ci.plugins:service-fabric[0,]Maven23 Jan 2025
  • M
User Impersonation		com.axis.jenkins.plugins.eiffel:eiffel-broadcaster[2.8.0,2.10.3)Maven23 Jan 2025
  • M
Access Control Bypass		org.jenkins-ci.plugins:service-fabric[0,]Maven23 Jan 2025
  • H
Access Control Bypass		io.jenkins.plugins:folder-auth[0,]Maven23 Jan 2025
  • H
Improper Handling of Case Sensitivity		org.jenkins-ci.plugins:oic-auth[,4.453.v4d7765c854f4)Maven23 Jan 2025
  • H
Cross-site Request Forgery (CSRF)		io.jenkins.plugins:atlassian-bitbucket-server-integration[2.1.0,4.1.4)Maven23 Jan 2025
  • M
Improper Authorization		org.jenkins-ci.plugins:gitlab-plugin[,1.9.7)Maven23 Jan 2025
  • M
Authentication Bypass Using an Alternate Path or Channel		org.keycloak:keycloak-ldap-federation[0,26.1.0)Maven23 Jan 2025
  • M
Cross-site Scripting (XSS)		org.apache.ranger:security-admin-web[,2.5.0)Maven22 Jan 2025
  • H
Server-side Request Forgery (SSRF)		org.apache.ranger:security-admin-web[,2.5.0)Maven22 Jan 2025
  • H
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)		org.apache.ambari:ambari-agent[0,]Maven22 Jan 2025
  • H
XML External Entity (XXE) Injection		org.apache.ambari.contrib.views:wfmanager[0,]Maven22 Jan 2025
  • H
Arbitrary Command Injection		org.apache.ambari:ambari-server[0,]Maven22 Jan 2025
  • H
Denial of Service (DoS)		org.apache.cxf:cxf-core[,3.5.10)[3.6.0,3.6.5)[4.0.0,4.0.6)Maven22 Jan 2025
  • H
Insecure Randomness		org.webjars.npm:undici[0,]Maven22 Jan 2025