Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
C
Arbitrary Command Injection
CVE-2017-20156
Affects
printer
| Versions
>=0.1.0
L
Cross-site Scripting (XSS)
CVE-2019-25088
Affects
oxidized-web
| Versions
<0.14.0
M
Incorrect Privilege Assignment
CVE-2020-36624
Affects
text_helpers
| Versions
<1.1.0
L
Regular Expression Denial of Service (ReDoS)
CVE-2021-4250
Affects
active_attr
| Versions
<0.15.3
H
Uncontrolled Recursion
CVE-2022-23516
Affects
loofah
| Versions
>=2.2.0, <2.19.1
M
Cross-site Scripting (XSS)
CVE-2022-23519
Affects
rails-html-sanitizer
| Versions
<1.4.4
M
Cross-site Scripting (XSS)
CVE-2022-23518
Affects
rails-html-sanitizer
| Versions
>=1.0.3, <1.4.4
H
Regular Expression Denial of Service (ReDoS)
CVE-2022-23517
Affects
rails-html-sanitizer
| Versions
<1.4.4
H
Regular Expression Denial of Service (ReDoS)
CVE-2022-23514
Affects
loofah
| Versions
<2.19.1
M
Cross-site Scripting (XSS)
CVE-2022-23520
Affects
rails-html-sanitizer
| Versions
<1.4.4
M
Cross-site Scripting (XSS)
CVE-2022-23515
Affects
loofah
| Versions
>=2.1.0, <2.19.1
H
Denial of Service (DoS)
CVE-2022-3510
Affects
google-protobuf
| Versions
>=3.16.0, <3.19.6
>=3.20.0-rc-1, <3.20.3
>=3.21.0-rc-1, <3.21.7
H
Unchecked Return Value
CVE-2022-23476
Affects
nokogiri
| Versions
>=1.13.8, <1.13.10
H
Resources Downloaded over Insecure Protocol
CVE-2022-45442
Affects
sinatra
| Versions
<2.2.3
>=3.0.0, <3.0.4
H
Improper Input Validation
CVE-2021-33621
Affects
cgi
| Versions
<0.1.0.2
>=0.2.1, <0.2.2
>=0.3.3, <0.3.5
L
Improper Neutralization
CVE-2022-4064
Affects
dalli
| Versions
<3.2.3
C
Integer Overflow or Wraparound
CVE-2022-37454
Affects
sha3
| Versions
<1.0.5
L
Information Exposure
CVE-2022-39379
Affects
fluentd
| Versions
>=1.13.2, <1.15.3
H
NULL Pointer Dereference
Affects
nokogiri
| Versions
<1.13.9
M
Denial of Service (DoS)
Affects
sqlite3
| Versions
>=1.5.0, <1.5.1
H
Privilege Escalation
CVE-2022-42717
Affects
vagrant
| Versions
>=0.0.0, <2.4.4
M
Denial of Service (DoS)
CVE-2022-39281
Affects
fat_free_crm
| Versions
<0.20.1
M
Denial of Service (DoS)
CVE-2022-3171
Affects
google-protobuf
| Versions
<3.16.3
>=3.17.0.rc.1, <3.19.6
>=3.20.0.rc.1, <3.20.3
>=3.21.0.rc.1, <3.21.7
M
Heap-based Buffer Overflow
CVE-2016-2338
Affects
psych
| Versions
<2.0.17
M
Open Redirect
Affects
actionpack
| Versions
>=7.0.3, <7.0.4
M
Improper Input Validation
Affects
personnummer
| Versions
<3.0.1
H
Arbitrary Code Execution
CVE-2022-39224
Affects
arr-pm
| Versions
<0.0.12
M
Information Exposure
Affects
pageflow
| Versions
<14.5.2
>=15.0.0, <15.7.1
H
Authorization Bypass Through User-Controlled Key
Affects
pageflow
| Versions
<14.5.2
>=15.0.0, <15.7.1
C
Command Injection
CVE-2022-25765
Affects
pdfkit
| Versions
<0.8.7.2