Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-9f58-4465-23c7
  • Packagist/code16/sharp
 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax 13 hours ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-867c-p784-5q6g
  • Packagist/privatebin/privatebin
 PrivateBin is missing HTML sanitization of attached filename in file size hint yesterday
  • Fix available
  • Severity - 5.8 (Medium)
GHSA-25wf-7x6c-wmpf
  • Packagist/moodle/moodle
 Moodle does not properly enforce MFA 6 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-422v-w6c5-vq42
  • Packagist/moodle/moodle
 Moodle exposed the names of hidden groups to users 6 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-c5cj-xp43-qcc3
  • Packagist/moodle/moodle
 Moodle's error handling leads to sensitive information disclosure 6 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-m58f-9pvv-8mp2
  • Packagist/moodle/moodle
 Moodle vulnerable to brute-force password guesses 6 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-w29j-8phw-ffjf
  • Packagist/moodle/moodle
 Moodle has a time restriction bypass 6 days ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-8fcv-4qp9-pg32
  • Packagist/moodle/moodle
 Moodle sends quiz-related messages to inactive/suspended users 6 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-rjcm-7v2p-9265
  • Packagist/moodle/moodle
 Moodle course access permissions are not properly checked in course_output_fragment_course_overview 6 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-2v5m-cq9w-fc33
  • Packagist/admidio/admidio
 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality 22 Oct
  • Fix available
  • Severity - 7.2 (High)
GHSA-9778-v769-qvjf
  • Packagist/code16/sharp
 code16 Sharp vulnerable to Cross Site Scripting (XSS) 21 Oct
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-9p44-q66p-xm6p
  • Packagist/processwire/processwire
 ProcessWire CMS vulnerable to resource-exhaustion Denial of Service 21 Oct
  • No fix available
  • Severity - 5.7 (Medium)
GHSA-r2vg-hvjm-fg38
  • Packagist/shopware/platform
  • Packagist/shopware/core
 Shopware Customer Orders can be canceled, even if refunds are disabled 21 Oct
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-27c9-vp3w-6ww8
  • Packagist/shopware/platform
  • Packagist/shopware/core
 Shopware exposes sensitive user information via CSV export mapping 21 Oct
  • Fix available
  • Severity - 4.9 (Medium)
GHSA-3cpp-fv95-mpr5
  • Packagist/shopware/platform
  • Packagist/shopware/core
 Shopware vulnerable to Server-Side Request Forgery (SSRF) – order invoice 21 Oct
  • Fix available
  • Severity - 2.7 (Low)
GHSA-6wh5-mw9h-5c3w
  • Packagist/shopware/platform
  • Packagist/shopware/core
 Shopware vulnerable to path traversal via Plugin upload 21 Oct
  • Fix available
  • Severity - 2.7 (Low)
Load more...