Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-4rwr-8c3m-55f6
  • Packagist/torrentpier/torrentpier
 TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter 21 hours ago
  • No fix available
  • Severity - 8.8 (High)
GHSA-qv78-c8hc-438r
  • Packagist/openmage/magento-lts
 OpenMage vulnerable to XSS in Admin Notifications 03 Nov
  • Fix available
  • Severity - 4.6 (Medium)
GHSA-g582-8vwr-68h2
  • Packagist/mantisbt/mantisbt
 MantisBT unauthorized disclosure of private project column configuration 03 Nov
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-q747-c74m-69pr
  • Packagist/mantisbt/mantisbt
 MantisBT lacks verification when changing a user's email address 03 Nov
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-r3jf-hm7q-qfw5
  • Packagist/mantisbt/mantisbt
 MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length 03 Nov
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-4v8w-gg5j-ph37
  • Packagist/mantisbt/mantisbt
 MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling 03 Nov
  • Fix available
  • Severity - 8.8 (High)
GHSA-g59r-24g3-h7cm
  • Packagist/statamic/cms
 Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Proper X-CSRF-TOKEN Server-Side Validation 30 Oct
  • Fix available
  • Severity - 8.0 (High)
GHSA-h72q-cq3w-h3wc
  • Packagist/drupal/civictheme
 Drupal CivicTheme Design System allows Cross-Site Scripting (XSS) 30 Oct
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-jqmq-fpwv-p925
  • Packagist/drupal/simple_oauth
 Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass 30 Oct
  • Fix available
  • Severity - 7.5 (High)
GHSA-x957-32v9-m7vg
  • Packagist/drupal/acquia_dam
 Drupal Acquia DAM allows Forceful Browsing 30 Oct
  • Fix available
  • Severity - 7.5 (High)
GHSA-27fv-rpgj-4c6m
  • Packagist/drupal/currency
 Drupal Currency allows Cross Site Request Forgery 30 Oct
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-27mc-9399-r9mx
  • Packagist/drupal/access_code
 Drupal Access code allows Brute Force Attempts 30 Oct
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-fg8x-q69g-4qp3
  • Packagist/drupal/reverse_proxy_header
 Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables 30 Oct
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-jxp8-4jw5-5xjc
  • Packagist/drupal/umami_analytics
 Drupal Umami Analytics allows Cross-Site Scripting (XSS) 30 Oct
  • Fix available
  • Severity - 3.8 (Low)
GHSA-m3f2-xjgc-2wp2
  • Packagist/drupal/json_field
 Drupal JSON Field is vulnerable to XSS 30 Oct
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-pr6m-qwrr-mrw9
  • Packagist/drupal/plausible_tracking
 Drupal Plausible tracking is vulnerable to XSS 30 Oct
  • Fix available
  • Severity - 6.1 (Medium)
Load more...