Vulnerability Database
Blog
FAQ
Docs
Vulnerabilities
search
All ecosystems
303512
AlmaLinux
3524
Alpine
3673
Android
2865
Bitnami
5373
Chainguard
26358
CRAN
10
crates.io
1697
Debian
46030
GHC
3
GIT
28246
GitHub Actions
27
Go
4205
Hackage
23
Hex
35
Linux
13573
Mageia
5595
Maven
5496
npm
25466
NuGet
1434
openSUSE
9947
OSS-Fuzz
3596
Packagist
4637
Pub
10
PyPI
15721
Red Hat
15853
Rocky Linux
1757
RubyGems
1681
SUSE
16155
SwiftURL
35
Ubuntu
46117
Wolfi
14370
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-9fwj-9mjf-rhj3
Packagist/auth0/login
laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
yesterday
Fix available
Severity - 9.1 (Critical)
GHSA-2f4r-34m4-3w8q
Packagist/auth0/wordpress
Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
yesterday
Fix available
Severity - 9.1 (Critical)
GHSA-9wg9-93h9-j8ch
Packagist/auth0/symfony
Auth0 Symfony SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
yesterday
Fix available
Severity - 9.1 (Critical)
GHSA-g98g-r7gf-2r25
Packagist/auth0/auth0-php
Forgeable Encrypted Session Cookie in Apps Using Auth0-PHP SDK
2 days ago
Fix available
Severity - 9.1 (Critical)
GHSA-f6rx-hf55-4255
Packagist/sulu/sulu
Sulu vulnerable to XXE in SVG File upload Inspector
3 days ago
Fix available
Severity - 6.1 (Medium)
GHSA-fw82-87p8-v6hp
Packagist/getkirby/kirby
Kirby vulnerable to path traversal of snippet names in the `snippet()` helper
5 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-9p3p-w5jf-8xxg
Packagist/getkirby/cms
Kirby vulnerable to path traversal in the router for PHP's built-in server
5 days ago
Fix available
Severity - 2.3 (Low)
GHSA-x275-h9j4-7p4h
Packagist/getkirby/cms
Kirby vulnerable to path traversal of collection names during file system lookup
5 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-qqcr-9jfc-35c4
Packagist/oxid-esales/oxideshop-ce
OXID eShop May Display User Information
5 days ago
No fix available
Severity - 7.5 (High)
GHSA-7vrx-9684-xrf2
Packagist/craftcms/cms
Craft CMS stores arbitrary content provided by unauthenticated users in session files
08 May
Fix available
Severity - 6.9 (Medium)
GHSA-fxvx-gfmr-5xfj
Packagist/koillection/koillection
Koillection Cross Site Scripting vulnerability
07 May
Fix available
Severity - 6.1 (Medium)
GHSA-hcjv-982c-5f29
Packagist/alextselegidis/easyappointments
Easy!Appointments Denial of Service (DoS)
07 May
No fix available
Severity - 5.5 (Medium)
GHSA-3527-qv2q-pfvx
Packagist/league/commonmark
league/commonmark contains a XSS vulnerability in Attributes extension
05 May
Fix available
Severity - 6.4 (Medium)
GHSA-7c58-g782-9j38
Packagist/craftcms/cms
Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI
05 May
Fix available
Severity - 7.3 (High)
GHSA-96hh-8hx5-cpw7
Packagist/october/system
Packagist/october/october
October CMS Allows Unprotected SVG Rename in Media Manager
05 May
Fix available
Severity - 1.1 (Low)
GHSA-h3vp-qwmx-5j25
Packagist/snipe/snipe-it
Grokability Snipe-IT has incorrect authorization for accessing asset information
02 May
Fix available
Severity - 5.0 (Medium)
Load more...
Packagist - OSV