Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-6gvq-jcmp-8959
  • npm/altcha-lib
  • Packagist/altcha-org/altcha
  • Go/github.com/altcha-org/altcha-lib-go
  • Maven/org.altcha:altcha
  • RubyGems/altcha
  • ... 2 more
 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay 5 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-x6mh-4w8x-p34v
  • Packagist/mineadmin/mineadmin
 MineAdmin has an insecure default password 3 days ago
  • No fix available
  • Severity - 9.8 (Critical)
GHSA-947q-2xw3-gx9c
  • Packagist/fof/pretty-mail
 FoF Pretty Mail has a server-side template injection vulnerability 4 days ago
  • No fix available
  • Severity - 8.6 (High)
GHSA-9449-rphm-mjqr
  • Packagist/azuracast/azuracast
 AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE 4 days ago
  • Fix available
  • Severity - 3.1 (Low)
GHSA-x93p-w2ch-fg67
  • Packagist/ibexa/user
 Ibexa User Bundle is missing password change validation 5 days ago
  • Fix available
  • Severity - 9.3 (Critical)
DRUPAL-CONTRIB-2025-125
  • Packagist:https://packages.drupal.org/8/drupal/acquia_contenthub
 See record for full details 5 days ago
  • Fix available
GHSA-6w82-v552-wjw2
  • Packagist/shopware/shopware
  • Packagist/shopware/storefront
 Shopware Storefront Reflected XSS in Storefront Login Page 6 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-5j8p-438x-rgg5
  • Packagist/onelogin/php-saml
 SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475 6 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-898v-775g-777c
  • Packagist/neuron-core/neuron-ai
 Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”) 6 days ago
  • Fix available
  • Severity - 9.4 (Critical)
GHSA-j8g6-5gqc-mq36
  • Packagist/neuron-core/neuron-ai
 Neuron MySQLSelectTool “read-only” bypass via `SELECT ... INTO OUTFILE` (file write → potential RCE) 6 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-pvcv-q3q7-266g
  • Packagist/filament/filament
 Filament multi-factor authentication (app) recovery codes can be used multiple times 6 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-c4cc-x928-vjw9
  • Packagist/robrichards/xmlseclibs
 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation 08 Dec
  • Fix available
  • Severity - 6.0 (Medium)
GHSA-q5hg-wppq-r2cc
  • Packagist/alexusmai/laravel-file-manager
 alexusmai laravel-file-manager is vulnerable to Directory Traversal via the unzip/extraction functionality 04 Dec
  • No fix available
  • Severity - 7.7 (High)
GHSA-rr44-8j7r-jg2q
  • Packagist/alexusmai/laravel-file-manager
 alexusmai laravel-file-manager is vulnerable to Directory Traversal 03 Dec
  • No fix available
  • Severity - 2.9 (Low)
DRUPAL-CONTRIB-2025-124
  • Packagist:https://packages.drupal.org/8/drupal/disable_login
 See record for full details 03 Dec
  • Fix available
DRUPAL-CONTRIB-2025-123
  • Packagist:https://packages.drupal.org/8/drupal/entity_share
 See record for full details 03 Dec
  • Fix available
Load more...