Vulnerability Library
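| Ecosystem | Vulnerabilities |
| --- | --- |
| All ecosystems | 42248 |
| Alpine | 3088 |
| Android | 505 |
| crates.io | 1023 |
| Debian | 8998 |
| GitHub Actions | 6 |
| Go | 1155 |
| Hex | 21 |
| Linux | 12996 |
| Maven | 3171 |
| npm | 2800 |
| NuGet | 254 |
| OSS-Fuzz | 2639 |
| Packagist | 1295 |
| Pub | 3 |
| PyPI | 3713 |
| RubyGems | 581 |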
| ID | Packages | Summary | Affected versions | Last modified | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-3gv2-29qc-v67m | Packagist/symfony/security-bundle, Packagist/symfony/symfony | Symfony vulnerable to Session Fixation of CSRF tokens | 2.0.7, v2.0.10, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, ... | 2023-02-04T00:50:54.238658Z | Fix available |
| GHSA-h7vf-5wrv-9fhv | Packagist/symfony/http-kernel, Packagist/symfony/symfony | Symfony storing cookie headers in HttpCache | 2.0.4, 2.0.5, 2.0.6, 2.0.7, v2.0.10, v2.0.12, v2.0.13, ... | 2023-02-04T00:50:54.047648Z | Fix available |
| GHSA-q3c8-65q7-9v78 | Packagist/automad/automad | Cross site scripting in automad/automad | 1.0.0, 1.0.0-beta1, 1.0.0-beta2, 1.0.0-beta3, 1.0.0-beta4, 1.0.0-beta5, 1.0.1, ... | 2023-02-04T00:36:08.954263Z | Fix available |
| GHSA-vxpm-8hcp-qh27 | Packagist/swag/paypal | Payment information sent to PayPal not necessarily identical to created order | 0.10.0, 0.10.1, 0.11.0, 0.11.1, 0.12.0, 0.13.0, 0.9.0, ... | 2023-02-04T00:29:56.370337Z | Fix available |
| GHSA-8xv4-jj4h-qww6 | Packagist/pimcore/pimcore | Pimcore contains Unrestricted Upload of File with Dangerous Type | 10.0.8, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 3.0.0, 3.0.1, ... | 2023-02-04T00:21:01.056537Z | Fix available |
| GHSA-2mgx-226x-8pwv | Packagist/wwbn/avideo | AVideo vulnerable to Improper Privilege Management | See details. | 2023-02-03T21:55:19Z | Fix available |
| GHSA-82j4-vr25-x394 | Packagist/showdoc/showdoc | Cross-site Scripting in ShowDoc | v1.0.0, v1.0.1, v1.0.2, v1.0.3, v1.0.4, v1.0.5, v1.1.0, ... | 2023-02-03T06:03:57.490254Z | Fix available |
| GHSA-77rm-9x9h-xj3g | NuGet/Google.Protobuf, Packagist/google/protobuf, Maven/com.google.protobuf:protobuf-parent, Go/github.com/protocolbuffers/protobuf, PyPI/protobuf | NULL Pointer Dereference in Protocol Buffers | 0.0.1-test1, 3.0.0, 3.0.0-alpha4, 3.0.0-beta2, 3.0.0-beta3, 3.0.0-beta4, 3.1.0, ... | 2023-02-03T06:03:30.309657Z | Fix available |
| GHSA-phrq-v4q2-hmq6 | Packagist/sabberworm/php-css-parser | Code injection vulnerability in allSelectors() | 8.3.0, 8.2.0, 8.1.0, 8.0.0, 7.0.0, 7.0.1, 7.0.2, ... | 2023-02-03T06:01:35.885907Z | Fix available |
| GHSA-vpw5-grxx-v396 | Packagist/lms/routes | CSRF token exposure in TYPO3 extension | v1.3.3, v1.4.0, v1.4.1, v1.5.0, v1.5.1, v1.5.10, v1.5.2, ... | 2023-02-03T06:01:32.491703Z | Fix available |
| GHSA-5vfx-8w6m-h3v4 | Packagist/pterodactyl/panel | Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verification | v1.0.0, v1.0.1, v1.0.2, v1.0.3, v1.1.0, v1.1.1, v1.1.2, ... | 2023-02-03T06:01:30.354177Z | Fix available |
| GHSA-pwwm-pwx2-2hw7 | Packagist/snipe/snipe-it | Generation of Error Message Containing Sensitive Information in Snipe-IT | 3.2.0, v0.1.0, v0.1.1, v0.1.2, v0.2.0, v0.3.0-alpha, v0.3.10-alpha, ... | 2023-02-03T06:01:24.894492Z | Fix available |
| GHSA-7gm7-8q8v-9gf2 | Packagist/shopware/platform, Packagist/shopware/core | Server-Side Request Forgery (SSRF) in Shopware | 6.3.0.0, 6.3.0.1, 6.3.0.2, 6.3.1.0, 6.3.1.1, 6.3.2.0, 6.3.2.1, ... | 2023-02-03T06:01:24.346552Z | Fix available |
| GHSA-7rg4-266c-jqw6 | Packagist/centreon/centreon | Predictable CSRF tokens in centreon/centreon | 20.10.0, 20.10.1, 20.10.2, 20.10.3, 20.10.4, 20.10.5, 20.10.6, ... | 2023-02-03T06:00:17.286690Z | Fix available |
| GHSA-7vxc-chqj-h83g | Packagist/showdoc/showdoc | showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | v1.0.0, v1.0.1, v1.0.2, v1.0.3, v1.0.4, v1.0.5, v1.1.0, ... | 2023-02-03T05:58:16.112270Z | Fix available |
| GHSA-vcvg-g8p2-3hqr | Packagist/backdrop/backdrop | Cross-site Scripting in Backdrop CMS | 1.13.2-rc1, 1.13.2-rc2, 1.17.3, 1.18.3, 1.19.1, 1.20.3, 1.21.0, ... | 2023-02-03T05:58:14.237469Z | No fix available |
Packagist - OSV