Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Improper Authentication
CVE-2020-36599
Affects
omniauth
| Versions
<1.9.2
H
SQL Injection
CVE-2022-35956
Affects
update_by_case
| Versions
<0.1.3
H
Directory Traversal
CVE-2022-31163
Affects
tzinfo
| Versions
<0.3.61
>=1.0.0, <1.2.10
M
Information Exposure
CVE-2022-2394
Affects
bolt
| Versions
<3.24.0
M
Cross-site Scripting (XSS)
CVE-2020-35305
Affects
gollum
| Versions
>=5.0.0, <5.1.2
C
Remote Code Execution (RCE)
CVE-2022-32224
Affects
activerecord
| Versions
<5.2.8.1
>=6.0.0, <6.0.5.1
>=6.1.0, <6.1.6.1
>=7.0.0, <7.0.3.1
M
HTTP Request Smuggling
CVE-2022-32214
Affects
llhttp
| Versions
>=0.0.0
M
HTTP Request Smuggling
CVE-2022-32215
Affects
llhttp
| Versions
>=0.0.0
M
HTTP Request Smuggling
CVE-2022-32213
Affects
llhttp
| Versions
>=0.0.0
H
Deserialization of Untrusted Data
CVE-2022-31115
Affects
opensearch-ruby
| Versions
<2.0.2
M
Access Restriction Bypass
CVE-2021-3779
Affects
ruby-mysql
| Versions
<2.10.0
M
Cross-site Scripting (XSS)
CVE-2022-32209
Affects
rails-html-sanitizer
| Versions
<1.4.3
H
Remote Code Execution (RCE)
CVE-2022-33127
Affects
diffy
| Versions
<3.4.1
H
Improper Encoding or Escaping of Output
CVE-2022-23079
Affects
motor-admin
| Versions
<0.2.61
L
Insecure Permissions
CVE-2022-31071
Affects
octopoller
| Versions
>=0.2.0, <0.3.0
M
Insufficiently Protected Credentials
CVE-2022-31033
Affects
mechanize
| Versions
<2.8.5
H
Deserialization of Untrusted Data
CVE-2022-32511
Affects
jmespath
| Versions
<1.6.1
M
Use of Uninitialized Resource
CVE-2022-31026
Affects
trilogy
| Versions
<2.1.1
M
Cross-site Scripting (XSS)
CVE-2021-25975
Affects
publify_core
| Versions
>=8.0, <9.2.5
L
Cross-site Request Forgery (CSRF)
CVE-2022-31000
Affects
solidus_backend
| Versions
<2.11.16
>=3.0.0, <3.0.6
>=3.1.0, <3.1.6
H
Denial of Service (DoS)
CVE-2022-30122
Affects
rack
| Versions
>=1.2, <2.0.9.1
>=2.1.0, <2.1.4.1
>=2.2.0, <2.2.3.1
C
Arbitrary Code Injection
CVE-2022-30123
Affects
rack
| Versions
<2.0.9.1
>=2.1.0, <2.1.4.1
>=2.2.0, <2.2.3.1
M
Improper Access Control
CVE-2022-1810
Affects
publify_core
| Versions
<9.2.9
M
Cross-site Scripting (XSS)
CVE-2022-1811
Affects
publify_core
| Versions
<9.2.9
H
Improper Handling of Unexpected Data Type
CVE-2022-29181
Affects
nokogiri
| Versions
<1.13.6
H
Inadequate Encryption Strength
CVE-2019-25061
Affects
random_password_generator
| Versions
>=0.0.0
M
Cross-site Scripting (XSS)
CVE-2022-0578
Affects
publify_core
| Versions
<9.2.8
L
Information Exposure
CVE-2022-1553
Affects
publify_core
| Versions
<9.2.8
L
Improper Access Control
CVE-2022-0574
Affects
publify_core
| Versions
<9.2.8
M
CSV Injection
CVE-2022-28481
Affects
csv-safe
| Versions
<3.0.0