Vulnerabilities
| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-q745-cfqh-hcrw | Packagist/james-heinrich/phpthumb | phpThumb is vulnerable to Command Injection through its gif_outputAsJpeg function | 15 hours ago | No fix available; Severity - 4.9 (Medium) |
| GHSA-7pgw-q3qp-6pgq | Packagist/universal-omega/dynamic-page-list3 | DynamicPageList3 vulnerability exposes hidden/suppressed usernames | yesterday | Fix available; Severity - 8.7 (High) |
| GHSA-j4rj-fgcq-wmqp | Packagist/cockpit-hq/cockpit | Cockpit - Content Platform vulnerable to XSS through name or email argument names | 04 Jul | Fix available; Severity - 5.1 (Medium) |
| GHSA-p85q-mww9-gwqf | Packagist/starcitizentools/short-description | Citizen Short Description stored XSS vulnerability through wikitext | 03 Jul | Fix available; Severity - 8.6 (High) |
| GHSA-p9qc-8jjx-g8cg | Packagist/bolt/bolt | Bolt CMS vulnerable to authenticated remote code execution | 03 Jul | No fix available; Severity - 7.5 (High) |
| GHSA-prmv-7r8c-794g | Packagist/starcitizentools/citizen-skin | Citizen vulnerable to Stored XSS through short descriptions | 03 Jul | Fix available; Severity - 8.6 (High) |
| GHSA-rq6g-6g94-jfr4 | Packagist/starcitizentools/citizen-skin | starcitizentools/citizen-skin is vulnerable to Stored XSS attack in the legacy search bar through page descriptions | 03 Jul | Fix available; Severity - 8.6 (High) |
| GHSA-j64v-xh5w-8hqj | Packagist/microweber/microweber | Microweber CMS API has authenticated local file inclusion vulnerability | 02 Jul | Fix available; Severity - 6.1 (Medium) |
| GHSA-jfj7-249r-7j2m | Packagist/starcitizentools/tabber-neue | TabberNeue vulnerable to Stored XSS through wikitext | 27 Jun | Fix available; Severity - 8.6 (High) |
| GHSA-277f-37gw-9gmq | Packagist/billz/raspap-webgui | raspap-webgui has a Directory Traversal vulnerability | 27 Jun | Fix available; Severity - 7.7 (High) |
| GHSA-mrph-pjv2-34f4 | Packagist/juzaweb/cms | JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components | 27 Jun | No fix available; Severity - 2.1 (Low) |
| GHSA-rq7x-cfmc-rq3w | Packagist/juzaweb/cms | JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component | 27 Jun | No fix available; Severity - 2.1 (Low) |
| GHSA-cgvv-3455-824j | Packagist/moodle/moodle | Moodle Session Fixation allows unauthenticated users to hijack sessions via sesskey parameter | 24 Jun | Fix available; Severity - 4.2 (Medium) |
| GHSA-24wv-6c99-f843 | Packagist/pterodactyl/panel | Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution | 19 Jun | Fix available; Severity - 10.0 (Critical) |
| GHSA-x3c7-22c8-prg7 | Packagist/handcraftedinthealps/goodby-csv | handcraftedinthealps/goodby-csv has Potential Gadget Chain allowing Remote Code Execution | 13 Jun | Fix available; Severity - 3.9 (Low) |
| GHSA-9qv6-4pwm-m68f | Packagist/ibexa/fieldtype-richtext | Ibexa RichText Field Type XSS vulnerabilities in back office | 13 Jun | Fix available; Severity - 6.1 (Medium) |
Packagist - OSV