Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-6fx5-5cw5-4897
  • Packagist/craftcms/cms
 Craft CMS Race condition in Token Service potentially allows for token usage greater than the token limit 7 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-gp2f-7wcm-5fhx
  • Packagist/craftcms/cms
 Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding 7 hours ago
  • Fix available
  • Severity - 7.0 (High)
GHSA-3jh3-prx3-w6wc
  • Packagist/craftcms/cms
 Craft CMS has Stored XSS in Table Field via "HTML" Column Type 7 hours ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-rcqw-6466-3mv7
  • Packagist/wwbn/avideo
 AVideo has Stored Cross-Site Scripting via Markdown Comment Injection 3 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-v7m3-fpcr-h7m2
  • Packagist/zumba/json-serializer
 Zumba Json Serializer has a potential PHP Object Injection via Unrestricted @type in unserialize() 4 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-34p4-7w83-35g2
  • Packagist/getformwork/formwork
 Formwork Improperly Managed Privileges in User creation 4 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-8r7r-f4gm-wcpq
  • Packagist/statamic/cms
 Statamic affected by privilege escalation via stored cross-site scripting 4 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-79q9-wc6p-cf92
  • Packagist/librenms/librenms
 LibreNMS has a Time-Based Blind SQL Injection in address-search.inc.php 5 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-6xmx-xr9p-58p7
  • Packagist/librenms/librenms
 LibreNMS has a Stored XSS in Alert Rule 5 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-h3rv-q4rq-pqcv
  • Packagist/librenms/librenms
 LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream. 5 days ago
  • Fix available
GHSA-fqx6-693c-f55g
  • Packagist/librenms/librenms
 LibreNMS has a Stored XSS in Custom OID - unit parameter missing strip_tags() 5 days ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-93fx-g747-695x
  • Packagist/librenms/librenms
 LibreNMS /port-groups name Stored Cross-Site Scripting 5 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-5pqf-54qp-32wx
  • Packagist/librenms/librenms
 LibreNMS /device-groups name Stored Cross-Site Scripting 5 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-gqx7-99jw-6fpr
  • Packagist/librenms/librenms
 LibreNMS affected by reflected xss via email field 5 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-g7vw-f8p5-c728
  • Packagist/pterodactyl/panel
 Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization 6 days ago
  • Fix available
  • Severity - 9.2 (Critical)
GHSA-hr7j-63v7-vj7g
  • Go/github.com/pterodactyl/wings
  • Packagist/pterodactyl/panel
 Pterodactyl Panel's SFTP sessions remain active after user account deletion or password change 6 days ago
  • Fix available
  • Severity - 7.5 (High)
Load more...