Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
112113
AlmaLinux
2822
Alpine
3436
Android
890
Bitnami
3949
CRAN
10
crates.io
1359
Debian
9890
GIT
27857
GitHub Actions
16
Go
2195
Hackage
18
Hex
30
Linux
13573
Maven
4894
npm
14460
NuGet
587
OSS-Fuzz
3314
Packagist
3602
Pub
8
PyPI
12040
Rocky Linux
1192
RubyGems
790
SwiftURL
31
Ubuntu
5150
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-83jv-4prm-34g7
Packagist/shopware/shopware
Shopware Remote Code Execution Vulnerability
4.2.0
4.2.1
4.2.1.1
4.2.2
4.2.3
4.3.0
4.3.1
...
2024-05-21T21:00:39Z
Fix available
GHSA-7336-ghhp-f2qj
Packagist/shopware/shopware
Shopware Remote Code Execution Vulnerability
5.2.15
v5.2.15
2024-05-21T20:52:57Z
Fix available
GHSA-jqr7-5h7r-ch8p
Packagist/shopware/shopware
Shopware Non-Persistent XSS in the Frontend
5.3.0
v5.2.0
v5.2.1
v5.2.10
v5.2.11
v5.2.12
v5.2.13
...
2024-05-21T20:42:46Z
Fix available
GHSA-q3g4-2vw9-xv27
Packagist/shopware/shopware
Shopware Remote Code Execution Vulnerability
4.2.0
4.2.0-rc.1
4.2.1
4.2.1.1
4.2.2
4.2.3
4.3.0
...
2024-05-21T18:50:07Z
Fix available
GHSA-6wqp-7g94-f69j
Packagist/sensiolabs/connect
sensiolabs/connect has a Cross-Site Request Forgery Vulnerability
v1.0
v1.1
v1.2
v1.3
v1.4
v1.5
v1.6
...
2024-05-21T18:26:46Z
Fix available
GHSA-9phw-7h96-q3rv
Packagist/scheb/two-factor-bundle
scheb/two-factor-bundle bypass two-factor authentication with remember-me option
v4.0.0
v4.1.0
v4.10.0
v4.2.0
v4.2.1
v4.3.0
v4.3.1
...
2024-05-21T18:22:04Z
Fix available
GHSA-h6mp-mc7g-mg49
Packagist/scheb/two-factor-bundle
scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token
v3.0.0
v3.1.0
v3.2.0
v3.3.0
v3.3.1
v3.4.0
v3.5.0
...
2024-05-21T18:16:24Z
Fix available
GHSA-v45m-hxqp-fwf5
Packagist/verbb/formie
verbb/formie Server-Side Template Injection for variable-enabled settings
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
...
2024-05-20T20:26:28Z
Fix available
GHSA-f98p-2hc5-fm7v
Packagist/wwbn/avideo
AVideo cross-site scripting vulnerability in the view/about.php page
10.4
10.8
11
11.1
11.1.1
11.5
11.6
...
2024-05-20T18:43:57Z
Fix available
GHSA-2g98-f9jv-w8c5
Packagist/robrichards/xmlseclibs
robrichards/xmlseclibs XPath injection
1.3.2
1.3.3
1.3.4
1.4.0
1.4.1
1.4.2
1.4.3
...
2024-05-20T18:06:52Z
Fix available
GHSA-7v7m-pcw5-h3cg
Packagist/pusher/pusher-php-server
Pusher Service Channel Authentication Bypass
2.1.2
v2.1.3
v2.2.0
2024-05-20T17:49:10Z
Fix available
GHSA-7g7c-qhf3-x59p
Packagist/propel/propel1
propel/propel1 SQL injection possible with limit() on MySQL
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
...
2024-05-20T17:36:28Z
Fix available
GHSA-7vw7-qx38-37vr
Packagist/propel/propel
Propel2 SQL injection possible with limit() on MySQL
2.0.0-alpha1
2.0.0-alpha2
2.0.0-alpha3
2.0.0-alpha4
2.0.0-alpha5
2.0.0-alpha6
2.0.0-alpha7
2024-05-20T17:34:33Z
Fix available
GHSA-ww6p-q26w-fr6m
Packagist/phpxmlrpc/extras
phpxmlrpc/extra XSS in class documenting_xmlrpc_server
0.5.1
0.5.2
0.6.0
2024-05-20T17:14:55Z
Fix available
GHSA-qm5v-pj64-852j
Packagist/passbolt/passbolt_api
Passbolt Api Tabnabbing when opening URI with menu "Open URI in a new tab"
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.5
v1.0.6
...
2024-05-20T17:09:57Z
Fix available
GHSA-2f46-4xjm-73x5
Packagist/passbolt/passbolt_api
Passbolt API Stored XSS on first/last name during setup
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.5
v1.0.6
...
2024-05-20T17:07:44Z
Fix available
Load more...
Packagist - OSV