Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-r87q-fj25-f8jf
  • Packagist/shuchkin/simplexlsx
 Cross-site Scripting vulnerability in SimpleXLSXEx::readThemeColors, SimpleXLSXEx::getColorValue and SimpleXLSX::toHTMLEx 2 days ago
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-3q97-vjpp-c8rp
  • Packagist/joelbutcher/socialstream
 Socialstream has a Potential Account Takeover Vulnerability in Social Account Linking Due to Missing User Consent After OAuth Callback 5 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-c9f5-29f6-c35w
  • Packagist/spatie/browsershot
 Browsershot Improper Input Validation vulnerability 6 days ago
  • Fix available
  • Severity - 7.7 (High)
GHSA-2p6p-9rc9-62j9
  • Packagist/craftcms/cms
 Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled 18 Dec
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-6569-3785-r3v6
  • Packagist/unisharp/laravel-filemanager
 UniSharp Laravel Filemanager Code Injection vulnerability 18 Dec
  • Fix available
  • Severity - 8.9 (High)
GHSA-v528-6rq9-h6gw
  • Packagist/spatie/browsershot
 Spatie Browsershot Directory Traversal vulnerability 18 Dec
  • Fix available
  • Severity - 7.7 (High)
GHSA-m3r7-8gw7-qwvc
  • Packagist/thorsten/phpmyfaq
 thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames 13 Dec
  • Fix available
  • Severity - 4.9 (Medium)
GHSA-8vwh-pr89-4mw2
  • Packagist/laravel/pulse
 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method 13 Dec
  • Fix available
  • Severity - 8.7 (High)
GHSA-g2r4-phv7-5fgv
  • Packagist/spatie/browsershot
 Browsershot Local File Inclusion 13 Dec
  • Fix available
  • Severity - 8.7 (High)
GHSA-x6mh-rjwm-8ph7
  • Packagist/shuchkin/simplexlsx
 Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx 12 Dec
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-7cwc-fjqm-8vh8
  • Packagist/drupal/core
  • Packagist/drupal/core-recommended
  • Packagist/drupal/drupal
 Drupal core Access bypass 10 Dec
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-938f-5r4f-h65v
  • Packagist/drupal/core
  • Packagist/drupal/core-recommended
  • Packagist/drupal/drupal
 Drupal core contains a potential PHP Object Injection vulnerability 10 Dec
  • Fix available
  • Severity - 2.3 (Low)
GHSA-gvf2-2f4g-jqf4
  • Packagist/drupal/core
  • Packagist/drupal/core-recommended
  • Packagist/drupal/drupal
 Drupal core contains a potential PHP Object Injection vulnerability 10 Dec
  • Fix available
  • Severity - 7.5 (High)
GHSA-w6rx-9g2x-mg5g
  • Packagist/drupal/core
  • Packagist/drupal/core-recommended
  • Packagist/drupal/drupal
 Drupal core contains a potential PHP Object Injection vulnerability 10 Dec
  • Fix available
  • Severity - 7.5 (High)
GHSA-8mvq-8h2v-j9vf
  • Packagist/drupal/core
  • Packagist/drupal/core-recommended
  • Packagist/drupal/drupal
 Drupal Core Cross-Site Scripting (XSS) 10 Dec
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-c2pc-g5qf-rfrf
  • Packagist/league/commonmark
 league/commonmark's quadratic complexity bugs may lead to a denial of service 09 Dec
  • Fix available
  • Severity - 7.5 (High)
Load more...