Vulnerability Database
Blog
FAQ
Vulnerability Library
search
All ecosystems
66750
AlmaLinux
2297
Alpine
3242
Android
773
CRAN
3
crates.io
1198
Debian
9431
GitHub Actions
11
Go
1626
Hackage
14
Hex
23
Linux
13573
Maven
3938
npm
12309
NuGet
510
OSS-Fuzz
2962
Packagist
2221
Pub
6
PyPI
10911
Rocky Linux
980
RubyGems
722
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-725m-w832-q973
Packagist/composer/composer
Composer allows cache poisoning from other projects built on the same host
1.0.0-alpha1
1.0.0-alpha10
1.0.0-alpha11
1.0.0-alpha2
1.0.0-alpha3
1.0.0-alpha4
1.0.0-alpha5
...
2023-09-21T06:30:25Z
Fix available
GHSA-7cfq-72w2-24q4
Packagist/yiisoft/yii2
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2023-09-21T06:30:25Z
Fix available
GHSA-62wf-h26v-5m57
Packagist/dolibarr/dolibarr
Cross Site Scripting vulnerability in Dolibarr ERP CRM
10.0.0
10.0.1
10.0.2
10.0.3
10.0.4
10.0.5
10.0.6
...
2023-09-20T03:30:17Z
Fix available
GHSA-6773-rfjv-c54w
Packagist/dolibarr/dolibarr
Dolibarr allows a remote privileged attacker to execute arbitrary code via a crafted command/script
10.0.0
10.0.1
10.0.2
10.0.3
10.0.4
10.0.5
10.0.6
...
2023-09-20T03:30:17Z
Fix available
GHSA-g8h7-mcp6-pf47
Packagist/dolibarr/dolibarr
File Upload vulnerability in Dolibarr ERP CRM
10.0.0
10.0.1
10.0.2
10.0.3
10.0.4
10.0.5
10.0.6
...
2023-09-20T03:30:17Z
Fix available
GHSA-2q8c-gqf4-mg3v
Packagist/librenms/librenms
Cross site scripting in librenms
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-19T03:30:34Z
Fix available
GHSA-6qjf-7g3j-qx25
Packagist/neos/neos-ui
Neos CMS Cross Site Scripting vulnerability
0.0.1
1.0.0-beta0
1.0.0-beta1
1.0.0-beta2
1.0.0-beta3
1.0.0-beta4
1.0.0-beta5
...
2023-09-19T00:30:13Z
No fix available
GHSA-57m2-mpc7-gwgx
Packagist/librenms/librenms
LibreNMS Code Injection vulnerability
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-15T03:30:19Z
Fix available
GHSA-5jjm-qp48-qp86
Packagist/librenms/librenms
LibreNMS Cross-site Scripting vulnerability
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-15T03:30:19Z
Fix available
GHSA-jp3c-g46v-jg2c
Packagist/librenms/librenms
LibreNMS Cross-site Scripting vulnerability
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-15T03:30:19Z
Fix available
GHSA-m6jj-fgmh-3p8r
Packagist/librenms/librenms
LibreNMS Cross-site Scripting vulnerability
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-15T03:30:19Z
Fix available
GHSA-qjpw-rg56-jh8v
Packagist/librenms/librenms
LibreNMS Cross-site Scripting vulnerability
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-15T03:30:19Z
Fix available
GHSA-qxrq-376q-p39h
Packagist/librenms/librenms
LibreNMS Cross-site Scripting vulnerability
1.19
1.20
1.20.1
1.21
1.22
1.22.01
1.23
...
2023-09-15T03:30:19Z
Fix available
GHSA-hvpq-7vcc-5hj5
Packagist/froala/wysiwyg-editor
Froala Editor Cross-site Scripting vulnerability
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
...
2023-09-15T00:30:29Z
No fix available
GHSA-92jh-gwch-jq38
Packagist/pocketmine/pocketmine-mp
Packagist/pocketmine/pocketmine-mp
PocketMine-MP server crash with certain invalid JSON payloads in `LoginPacket` due to dependency vulnerability (again)
5.0.0
5.0.1
5.1.0
5.1.1
5.1.2
5.1.3
5.2.0
...
2023-09-14T17:10:37Z
Fix available
GHSA-79rc-jjh6-rc89
Packagist/pocketmine/pocketmine-mp
PocketMine-MP server crash due to incorrect EC curve used for LoginPacket identityPublicKey
5.2.0
5.2.1
5.3.0
2023-09-14T17:10:01Z
Fix available
Load more...
Packagist - OSV