Vulnerability Database
About
Vulnerability Library
search
All ecosystems
35478
Alpine
2864
Android
361
crates.io
946
Debian
8719
DWF
15
GitHub Actions
3
Go
887
GSD
35
Hex
18
JavaScript
1
Linux
9110
Maven
2156
npm
2637
NuGet
220
OSS-Fuzz
2457
Packagist
1060
Pub
3
PyPI
3510
RubyGems
476
UVI
0
ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-rv5q-72p2-2q24
Packagist/centreon/centreon
Packagist/centreon/centreon
Packagist/centreon/centreon
Centreon contains cross-site scripting vulnerability via esc_name parameter
18.10.10
18.10.11
18.10.12
18.10.6
18.10.7
18.10.8
18.10.9
...
2022-09-30T06:55:40.204798Z
Fix available
GHSA-25gv-wg6f-6frp
Packagist/centreon/centreon
Packagist/centreon/centreon
Packagist/centreon/centreon
Centreon SQL Injection vulnerability via esc_name parameter
18.10.10
18.10.11
18.10.12
18.10.6
18.10.7
18.10.8
18.10.9
...
2022-09-30T06:55:08.919583Z
Fix available
GHSA-52m2-vc4m-jj33
Packagist/twig/twig
Packagist/twig/twig
Packagist/twig/twig
Twig may load a template outside a configured directory when using the filesystem loader
1.3.0
1.4.0
1.5.0
1.5.1
1.6.0
1.6.1
1.6.2
...
2022-09-30T06:16:45.655545Z
Fix available
GHSA-6x28-7h8c-chx4
Packagist/dompdf/dompdf
Dompdf allows remote file inclusion because URI validation failure does not halt font registration
v0.6.0
v0.6.1
v0.6.2
v0.7.0
v0.7.0-beta
v0.7.0-beta2
v0.7.0-beta3
...
2022-09-30T04:54:32.441818Z
Fix available
GHSA-qrqm-574x-q7f2
Packagist/awesome-support/awesome-support
Awesome Support vulnerable to persistent cross-site scripting
3.0.0
3.0.0-beta-1
3.0.0-beta-2
3.0.1
3.1.0
3.1.1
3.1.10
...
2022-09-29T19:17:13.625274Z
Fix available
GHSA-4h9c-v5vg-5m6m
Packagist/smarty/smarty
Packagist/smarty/smarty
Access to restricted PHP code by dynamic static class access in smarty
v2.6.24
v2.6.25
v2.6.26
v2.6.27
v2.6.28
v2.6.29
v2.6.30
...
2022-09-27T08:56:39.831942Z
Fix available
GHSA-29gp-2c3m-3j6m
Packagist/smarty/smarty
Packagist/smarty/smarty
Sandbox Escape by math function in smarty
v2.6.24
v2.6.25
v2.6.26
v2.6.27
v2.6.28
v2.6.29
v2.6.30
...
2022-09-27T08:56:31.633789Z
Fix available
GHSA-634x-pc3q-cf4c
Packagist/smarty/smarty
Packagist/smarty/smarty
PHP Code Injection by malicious block or filename in Smarty
v2.6.24
v2.6.25
v2.6.26
v2.6.27
v2.6.28
v2.6.29
v2.6.30
...
2022-09-27T08:55:57.078847Z
Fix available
GHSA-fvf5-xp83-vrqp
Packagist/icecoder/icecoder
ICEcoder vulnerable to Path Traversal
8.0
8.1
2022-09-27T08:55:39.928785Z
No fix available
GHSA-hwq7-5vv9-c6cf
Packagist/smarty/smarty
Packagist/smarty/smarty
Smarty Cross-site Scripting vulnerability in pages that use smarty_function_mailto
v2.6.24
v2.6.25
v2.6.26
v2.6.27
v2.6.28
v2.6.29
v2.6.30
...
2022-09-27T08:55:14.561455Z
Fix available
GHSA-mw37-wx8p-gp45
Packagist/craftcms/cms
Packagist/craftcms/cms
Craft CMS vulnerable to Cross-site Scripting via entry revisions and drafts
3.7.0
3.7.0-beta.1
3.7.0-beta.2
3.7.0-beta.3
3.7.0-beta.4
3.7.0-beta.5
3.7.0-beta.6
...
2022-09-26T20:01:16.655659Z
Fix available
GHSA-mrwr-2945-fr22
Packagist/pagekit/pagekit
Cross-site scripting in PageKit
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.11.0
0.11.1
...
2022-09-25T03:32:31.217074Z
No fix available
GHSA-v2f3-f8x4-m3w8
Packagist/lavalite/cms
Cross Site Scripting in LavaLite CMS
5.5.0
5.5.1
5.5.2
5.5.3
5.5.4
5.5.5
5.5.6
...
2022-09-25T03:32:30.832786Z
No fix available
GHSA-v92m-hhhw-vv9v
Packagist/codiad/codiad
Code injection in codiad
v1.3.6
2022-09-25T03:32:11.054741Z
No fix available
GHSA-8vh3-29mr-m9xg
Packagist/showdoc/showdoc
Inadequate Encryption Strength in showdoc
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.1.0
...
2022-09-25T03:31:33.033304Z
No fix available
GHSA-7vph-p634-vrqf
Packagist/billz/raspap-webgui
Command Injection in RaspAP 2.6.6
2.4.1
2.5
2.5.1
2.5.2
2.6
2.6-beta
2.6.1
...
2022-09-25T03:31:26.260881Z
No fix available
Load more...
Packagist - OSV
