Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
116792
AlmaLinux
2819
Alpine
3399
Android
890
Bitnami
3902
CRAN
10
crates.io
1352
Debian
9878
GIT
33039
GitHub Actions
16
Go
2172
Hackage
18
Hex
30
Linux
13573
Maven
4887
npm
14431
NuGet
582
OSS-Fuzz
3305
Packagist
3406
Pub
8
PyPI
11934
Rocky Linux
1192
RubyGems
789
SwiftURL
31
Ubuntu
5129
ID
Packages
Summary
Affected versions
Published
Fix
MAL-2024-1357
Malicious code in by-fetch (npm)
1561.1.1
2024-05-11T22:19:38Z
No fix available
GO-2024-2638
Go/github.com/cosmos/cosmos-sdk
ValidateVoteExtensions function in Cosmos SDK may allow incorrect voting power assumptions in github.com/cosmos/cosmos-sdk
See details.
2024-05-10T21:39:27Z
Fix available
GO-2024-2800
Go/github.com/hashicorp/go-getter
Argument injection when fetching remote default Git branches in github.com/hashicorp/go-getter
See details.
2024-05-10T21:39:25Z
Fix available
GO-2024-2821
Go/github.com/stacklok/minder
Denial of Service from untrusted requests in github.com/stacklok/minder
See details.
2024-05-10T20:07:31Z
Fix available
GO-2024-2826
Go/vitess.io/vitess
Denial of service attack by triggering unbounded memory usage in vitess.io/vitess
See details.
2024-05-10T20:07:17Z
Fix available
GHSA-jcqq-g64v-gcm7
Go/github.com/spacemeshos/go-spacemesh
Go/github.com/spacemeshos/api
Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX
See details.
2024-05-10T15:33:40Z
Fix available
GHSA-7prj-9ccr-hr3q
Packagist/sylius/sylius
Sylius has potential Cross Site Scripting vulnerability via the "Province" field in the Checkout and Address Book
v1.12.0
v1.12.0-alpha.1
v1.12.0-alpha.2
v1.12.0-beta.1
v1.12.0-rc.1
v1.12.1
v1.12.10
...
2024-05-10T15:33:22Z
Fix available
GHSA-v2f9-rv6w-vw8r
Packagist/sylius/sylius
Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel
v1.12.0
v1.12.0-alpha.1
v1.12.0-alpha.2
v1.12.0-beta.1
v1.12.0-rc.1
v1.12.1
v1.12.10
...
2024-05-10T15:33:01Z
Fix available
GHSA-x525-54hf-xr53
Packagist/froxlor/froxlor
Blind XSS Leading to Froxlor Application Compromise
0.10.0
0.10.0-rc1
0.10.0-rc2
0.10.1
0.10.10
0.10.11
0.10.12
...
2024-05-10T15:29:59Z
Fix available
GHSA-mxhq-xw3g-rphc
npm/@lobehub/chat
lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability
See details.
2024-05-10T15:29:51Z
Fix available
RLSA-2024:1438
Rocky Linux:9/nodejs
Important: nodejs security update
See details.
2024-05-10T14:33:20.646898Z
Fix available
RLSA-2023:7711
Rocky Linux:9/apr
Moderate: apr security update
See details.
2024-05-10T14:33:09.148442Z
Fix available
RLSA-2024:1427
Rocky Linux:9/libreoffice
Important: libreoffice security update
See details.
2024-05-10T14:32:53.047364Z
Fix available
RLSA-2023:6539
Rocky Linux:9/perl-CPAN
Moderate: perl-CPAN security update
See details.
2024-05-10T14:32:42.380544Z
Fix available
RLSA-2023:7712
Rocky Linux:9/tracker-miners
Important: tracker-miners security update
See details.
2024-05-10T14:32:42.380544Z
Fix available
RLSA-2024:0675
Rocky Linux:9/gimp
Important: gimp security update
See details.
2024-05-10T14:32:42.380544Z
Fix available
Load more...
Vulnerability Database - OSV