Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
116124
AlmaLinux
2722
Alpine
3397
Android
881
Bitnami
3891
CRAN
10
crates.io
1346
Debian
9846
GIT
32964
GitHub Actions
16
Go
2139
Hackage
18
Hex
29
Linux
13573
Maven
4872
npm
14360
NuGet
581
OSS-Fuzz
3280
Packagist
3394
Pub
8
PyPI
11746
Rocky Linux
1121
RubyGems
786
SwiftURL
31
Ubuntu
5113
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-2pg6-vw9c-qhjv
Packagist/passbolt/passbolt_api
Passbolt API allows HTML injection
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.5
v1.0.6
...
2024-04-26T03:30:29Z
Fix available
GHSA-346h-749j-r28w
Packagist/mdanter/ecc
PHPECC vulnerable to multiple cryptographic side-channel attacks
0.2.0
v0.3.0
v0.3.1
v0.3.2
v0.4.0
v0.4.1
v0.4.2
...
2024-04-25T18:31:58Z
No fix available
GHSA-vjwg-28gv-pm8h
Packagist/pimcore/pimcore
Pimcore TinyMCE Bundle - tinymce CVE-2024-29203, CVE-2024-29881
v11.0.0
v11.0.0-ALPHA1
v11.0.0-ALPHA2
v11.0.0-ALPHA3
v11.0.0-ALPHA4
v11.0.0-ALPHA5
v11.0.0-ALPHA6
...
2024-04-24T17:02:33Z
Fix available
GHSA-qh9w-r7g5-q939
Packagist/zendframework/zendframework1
Packagist/zendframework/zend-db
Packagist/zendframework/zendframework
Zend Framework SQL injection vulnerability
1.12.0
1.12.1
1.12.2
1.12.3
1.12.4
1.12.5
1.12.6
...
2024-04-23T22:39:03Z
Fix available
GHSA-297x-j9pm-xjgg
Packagist/drupal/core
Packagist/drupal/drupal
Drupal Core Remote Code Execution Vulnerability
8.0.0
8.0.0-beta10
8.0.0-beta11
8.0.0-beta12
8.0.0-beta13
8.0.0-beta14
8.0.0-beta15
...
2024-04-23T22:36:09Z
Fix available
GHSA-mw82-6m2g-qh6c
Packagist/sylius/sylius
Sylius Cross Site Scripting (XSS) vulnerability
v0.1.0
v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.14.0
v0.15.0
...
2024-04-22T21:31:00Z
No fix available
GHSA-jh57-j3vq-h438
Packagist/librenms/librenms
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2024-04-22T18:37:35Z
Fix available
GHSA-72m9-7c8x-pmmw
Packagist/librenms/librenms
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2024-04-22T18:37:27Z
Fix available
GHSA-cwx6-cx7x-4q34
Packagist/librenms/librenms
LibreNMS vulnerable to SQL injection time-based leads to database extraction
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2024-04-22T18:37:21Z
Fix available
GHSA-mx3p-fhpw-x6rv
Packagist/tecnickcom/tcpdf
TCPDF vulnerable to Regular Expression Denial of Service
6.0.013
6.0.014
6.0.015
6.0.016
6.0.017
6.0.018
6.0.019
...
2024-04-19T18:31:11Z
No fix available
GHSA-7947-48q7-cp5m
Dolibarr Application Home Page has HTML injection vulnerability
18.0.4
2024-04-18T16:42:32Z
No fix available
GHSA-6ppg-rgrg-f573
Packagist/dolibarr/dolibarr
Dolibarr vulnerable to Cross-Site Request Forgery
10.0.0
10.0.1
10.0.2
10.0.3
10.0.4
10.0.5
10.0.6
...
2024-04-17T00:30:57Z
No fix available
GHSA-g9wg-98c2-qv3v
Packagist/tecnickcom/tcpdf
TCPDF Cross-site Scripting vulnerability
6.0.013
6.0.014
6.0.015
6.0.016
6.0.017
6.0.018
6.0.019
...
2024-04-15T06:30:35Z
Fix available
GHSA-chcp-g9j5-3xxx
Packagist/winter/wn-dusk-plugin
Dusk plugin may allow unfettered user authentication in misconfigured installs
v2.0.0
2024-04-12T21:26:01Z
Fix available
GHSA-mgv8-w49f-822w
Packagist/mautic/core
Mautic: MST-48 Server-Side Request Forgery in Asset section
1.0.0
1.0.0-beta4
1.0.0-rc1
1.0.0-rc2
1.0.0-rc3
1.0.0-rc4
1.0.1
...
2024-04-12T21:25:18Z
Fix available
GHSA-qjx3-2g35-6hv8
Packagist/mautic/core
Mautic Sensitive Data Exposure due to inadequate user permission settings
1.0.2
1.0.3
1.0.4
1.0.5
1.1.0
1.1.1
1.1.2
...
2024-04-12T17:28:52Z
Fix available
Load more...
Packagist - OSV