Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
116444
AlmaLinux
2722
Alpine
3396
Android
881
Bitnami
3900
CRAN
10
crates.io
1350
Debian
9864
GIT
33012
GitHub Actions
16
Go
2157
Hackage
18
Hex
30
Linux
13573
Maven
4882
npm
14391
NuGet
581
OSS-Fuzz
3289
Packagist
3397
Pub
8
PyPI
11905
Rocky Linux
1121
RubyGems
788
SwiftURL
31
Ubuntu
5122
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-384w-wffr-x63q
Packagist/pterodactyl/panel
Pterodactyl panel's admin area vulnerable to Cross-site Scripting
v0.1.0-beta
v0.1.1-beta
v0.1.2-beta
v0.2.0-beta
v0.3.0-beta
v0.4.0-beta
v0.4.1-beta
...
2024-05-03T20:29:04Z
Fix available
GHSA-5hcr-g32p-h74c
Lavalite CMS Cross Site Scripting vulnerability
10.1.0
2024-04-27T00:30:37Z
No fix available
GHSA-2pg6-vw9c-qhjv
Packagist/passbolt/passbolt_api
Passbolt API allows HTML injection
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.5
v1.0.6
...
2024-04-26T03:30:29Z
Fix available
GHSA-346h-749j-r28w
Packagist/mdanter/ecc
PHPECC vulnerable to multiple cryptographic side-channel attacks
0.2.0
v0.3.0
v0.3.1
v0.3.2
v0.4.0
v0.4.1
v0.4.2
...
2024-04-25T18:31:58Z
No fix available
GHSA-vjwg-28gv-pm8h
Packagist/pimcore/pimcore
Pimcore TinyMCE Bundle - tinymce CVE-2024-29203, CVE-2024-29881
v11.0.0
v11.0.0-ALPHA1
v11.0.0-ALPHA2
v11.0.0-ALPHA3
v11.0.0-ALPHA4
v11.0.0-ALPHA5
v11.0.0-ALPHA6
...
2024-04-24T17:02:33Z
Fix available
GHSA-qh9w-r7g5-q939
Packagist/zendframework/zendframework1
Packagist/zendframework/zend-db
Packagist/zendframework/zendframework
Zend Framework SQL injection vulnerability
1.12.0
1.12.1
1.12.2
1.12.3
1.12.4
1.12.5
1.12.6
...
2024-04-23T22:39:03Z
Fix available
GHSA-297x-j9pm-xjgg
Packagist/drupal/core
Packagist/drupal/drupal
Drupal Core Remote Code Execution Vulnerability
8.0.0
8.0.0-beta10
8.0.0-beta11
8.0.0-beta12
8.0.0-beta13
8.0.0-beta14
8.0.0-beta15
...
2024-04-23T22:36:09Z
Fix available
GHSA-mw82-6m2g-qh6c
Packagist/sylius/sylius
Sylius Cross Site Scripting (XSS) vulnerability
v0.1.0
v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.14.0
v0.15.0
...
2024-04-22T21:31:00Z
No fix available
GHSA-jh57-j3vq-h438
Packagist/librenms/librenms
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2024-04-22T18:37:35Z
Fix available
GHSA-72m9-7c8x-pmmw
Packagist/librenms/librenms
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2024-04-22T18:37:27Z
Fix available
GHSA-cwx6-cx7x-4q34
Packagist/librenms/librenms
LibreNMS vulnerable to SQL injection time-based leads to database extraction
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2024-04-22T18:37:21Z
Fix available
GHSA-mx3p-fhpw-x6rv
Packagist/tecnickcom/tcpdf
TCPDF vulnerable to Regular Expression Denial of Service
6.0.013
6.0.014
6.0.015
6.0.016
6.0.017
6.0.018
6.0.019
...
2024-04-19T18:31:11Z
No fix available
GHSA-7947-48q7-cp5m
Dolibarr Application Home Page has HTML injection vulnerability
18.0.4
2024-04-18T16:42:32Z
No fix available
GHSA-6ppg-rgrg-f573
Packagist/dolibarr/dolibarr
Dolibarr vulnerable to Cross-Site Request Forgery
10.0.0
10.0.1
10.0.2
10.0.3
10.0.4
10.0.5
10.0.6
...
2024-04-17T00:30:57Z
No fix available
GHSA-g9wg-98c2-qv3v
Packagist/tecnickcom/tcpdf
TCPDF Cross-site Scripting vulnerability
6.0.013
6.0.014
6.0.015
6.0.016
6.0.017
6.0.018
6.0.019
...
2024-04-15T06:30:35Z
Fix available
GHSA-chcp-g9j5-3xxx
Packagist/winter/wn-dusk-plugin
Dusk plugin may allow unfettered user authentication in misconfigured installs
v2.0.0
2024-04-12T21:26:01Z
Fix available
Load more...
Packagist - OSV