Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Improper Input Validation
CVE-2022-29970
Affects
sinatra
| Versions
<2.2.0
M
Cross-site Scripting (XSS)
CVE-2022-27777
Affects
actionview
| Versions
<5.2.7.1
>=6.0.0.beta1, <6.0.4.8
>=6.1.0.rc1, <6.1.5.1
>=7.0.0.alpha1, <7.0.2.4
M
Cross-site Scripting (XSS)
CVE-2022-22577
Affects
actionpack
| Versions
>=5.2.0, <5.2.7.1
>=6.0.0.beta1, <6.0.4.8
>=6.1.0.rc1, <6.1.5.1
>=7.0.0.alpha1, <7.0.2.4
M
Server-side Request Forgery (SSRF)
CVE-2022-27311
Affects
gibbon
| Versions
<3.4.4
M
SQL Injection
CVE-2022-29498
Affects
blazer
| Versions
<2.6.0
H
Command Injection
CVE-2022-25648
Affects
git
| Versions
<1.11.0
H
Out-of-bounds Write
CVE-2018-25032
Affects
nokogiri
| Versions
<1.13.4
H
Regular Expression Denial of Service (ReDoS)
CVE-2022-24836
Affects
nokogiri
| Versions
<1.13.4
H
Denial of Service (DoS)
CVE-2022-23437
Affects
nokogiri
| Versions
<1.13.4
M
Time-Based One-Time Password (TOTP) Reuse
CVE-2021-43177
Affects
devise-two-factor
| Versions
<4.0.2
M
Denial of Service (DoS)
CVE-2022-24795
Affects
yajl-ruby
| Versions
<1.4.2
H
Command Injection
CVE-2022-24440
Affects
cocoapods-downloader
| Versions
<1.6.0
>=1.6.2, <1.6.3
H
Command Injection
CVE-2022-21223
Affects
cocoapods-downloader
| Versions
<1.6.2
C
Command Injection
CVE-2022-24803
Affects
asciidoctor-include-ext
| Versions
<0.4.0
M
Improper Authorization
CVE-2021-3456
Affects
smart_proxy_salt
| Versions
>=0.0.0
C
HTTP Request Smuggling
CVE-2022-24790
Affects
puma
| Versions
<4.3.12
>=5.0.0, <5.6.4
H
Improper Certificate Validation
CVE-2022-0759
Affects
kubeclient
| Versions
<4.9.3
H
Arbitrary Code Injection
CVE-2022-21831
Affects
activestorage
| Versions
>=5.2.0, <5.2.6.3
>=6.0.0, <6.0.4.7
>=6.1.0, <6.1.4.7
>=7.0.0, <7.0.2.3
H
Integer Overflow or Wraparound
CVE-2022-24724
Affects
commonmarker
| Versions
<0.23.4
M
Cross-site Scripting (XSS)
CVE-2022-24722
Affects
view_component
| Versions
>=2.31.0, <2.31.2
>=2.32.0, <2.49.1
C
Arbitrary Code Execution
CVE-2022-24720
Affects
image_processing
| Versions
<1.12.2
H
Use After Free
CVE-2022-23308
Affects
nokogiri
| Versions
<1.13.2
H
Information Exposure
CVE-2022-23633
Affects
actionpack
| Versions
<5.2.6.2
>=6.0.0.0, <6.0.4.6
>=6.1.0.0, <6.1.4.6
>=7.0.0.0, <7.0.2.2
H
Information Exposure
CVE-2022-23634
Affects
puma
| Versions
<4.3.11
>=5.0.0, <5.6.2
H
Improper Certificate Validation
CVE-2019-0223
Affects
qpid_proton
| Versions
>=0.9, <0.27.1
C
Incomplete Comparison with Missing Factors
CVE-2018-16395
Affects
openssl
| Versions
<2.1.2
M
Cross-site Scripting (XSS)
CVE-2018-0499
Affects
xapian-core
| Versions
<1.4.6
H
Improper Authentication
CVE-2021-41819
Affects
cgi
| Versions
>=0.3.0, <0.3.1
>=0.2.0, <0.2.1
<0.1.1
H
Denial of Service (DoS)
CVE-2022-23837
Affects
sidekiq
| Versions
<5.2.10
>=6.0.0.pre1, <6.4.0
H
Denial of Service (DoS)
CVE-2021-22569
Affects
google-protobuf
| Versions
<3.19.2