Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-8xx5-h6m3-jr33
  • Packagist/prestashop/prestashop
 Presta Shop vulnerable to email enumeration yesterday
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-3ggv-qwcp-j6xg
  • Packagist/mautic/core
 Mautic Vulnerable to User Enumeration via Response Timing 2 days ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-9v8p-m85m-f7mm
  • Packagist/mautic/core
 Mautic vulnerable to reflected XSS in lead:addLeadTags - Quick Add 2 days ago
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-438m-6mhw-hq5w
  • Packagist/mautic/core
 Mautic vulnerable to secret data extraction via elfinder 2 days ago
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-hj6f-7hp7-xg69
  • Packagist/mautic/core
 Mautic vulnerable to SSRF via webhook function 2 days ago
  • Fix available
  • Severity - 2.7 (Low)
GHSA-fqqv-56h5-f57g
  • Packagist/pocketmine/pocketmine-mp
 PocketMine-MP `ResourcePackDataInfoPacket` amplification vulnerability due to lack of resource pack sequence status checking 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-qqfq-7cpp-hcqj
  • Packagist/contao/core-bundle
  • Packagist/contao/contao
 Contao does not properly manage privileges for page and article fields 28 Aug
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-w53m-gxvg-vx7p
  • Packagist/contao/core-bundle
  • Packagist/contao/contao
 Contao can disclose sensitive information in the news module 28 Aug
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-2xmj-8wmq-7475
  • Packagist/contao/core-bundle
  • Packagist/contao/contao
 Contao discloses sensitive information in the front end search index 28 Aug
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-7m47-r75r-cx8v
  • Packagist/contao/core-bundle
  • Packagist/contao/contao
 Contao applies improper access control in the back end voters 28 Aug
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-9hp3-f5g8-rccg
  • Packagist/solspace/craft-freeform
 The Freeform CraftCMS plugin contains an Server-side template injection (SSTI) vulnerability 27 Aug
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-gqp9-jh35-439m
  • Packagist/badaso/core
 Badaso CMS file upload vulnerability 26 Aug
  • No fix available
  • Severity - 8.9 (High)
GHSA-2f28-69j7-85hf
  • Packagist/alextselegidis/easyappointments
 Easy!Appointments SQL injection vulnerability 26 Aug
  • Fix available
  • Severity - 5.7 (Medium)
GHSA-crcq-738g-pqvc
  • Packagist/craftcms/cms
 Craft CMS Potential Remote Code Execution via Twig SSTI 25 Aug
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-mqh4-2mm8-g7w9
  • Packagist/vrana/adminer
 Adminer PHP Object Injection issue leads to Denial of Service 25 Aug
  • No fix available
  • Severity - 8.6 (High)
GHSA-rx7m-68vc-ppxh
  • Packagist/phpoffice/phpspreadsheet
 PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser 25 Aug
  • Fix available
  • Severity - 8.7 (High)
Load more...