Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-fqcv-8859-86x2
  • Packagist/coreshop/core-shop
CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier 15 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-ggff-9mj3-7246
  • Packagist/cpsit/typo3-mailqueue
mailqueue TYPO3 extension affected by Insecure Deserialization 15 hours ago
  • Fix available
  • Severity - 5.2 (Medium)
GHSA-m27r-m6rx-mhm4
  • Packagist/laravel/reverb
Laravel Redis Horizontal Scaling Insecure Deserialization 15 hours ago
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-jg2j-2w24-54cg
  • Packagist/kimai/kimai
Kimai has an Authenticated Server-Side Template Injection (SSTI) yesterday
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-jw2v-cq5x-q68g
  • Packagist/pterodactyl/panel
Pterodactyl improperly locks resources allowing raced queries to create more resources than allotted yesterday
  • Fix available
  • Severity - 6.0 (Medium)
GHSA-43rr-x62x-q96w
  • Packagist/mineadmin/mineadmin
MineAdmin improperly refreshes tokens 2 days ago
  • No fix available
  • Severity - 1.3 (Low)
GHSA-qh8m-9qxx-53m5
  • Packagist/cakephp/cakephp
CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting 5 days ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-44jg-mv3h-wj6g
  • Packagist/solspace/craft-freeform
solspace/craft-freeform Vulnerable to XSS in `PhpSpreadsheet` HTML Writer Due to Unsanitized Styling Data 6 days ago
  • Fix available
  • Severity - 1.9 (Low)
GHSA-58q2-9x27-h2jm
  • Packagist/solspace/craft-freeform
solspace/craft-freeform Has a DoS Vulnerability 6 days ago
  • Fix available
  • Severity - 2.7 (Low)
GHSA-54v4-4685-vwrj
  • Packagist/alextselegidis/easyappointments
alextselegidis/easyappointments is Vulnerable to CSRF Protection Bypass 6 days ago
  • No fix available
  • Severity - 7.4 (High)
GHSA-4wg4-p27p-5q2r
  • Packagist/pimcore/web2print-tools-bundle
Pimcore Web2Print Tools Bundle "Favourite Output Channel Configuration" Missing Function Level Authorization 6 days ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-hqrp-m84v-2m2f
  • Packagist/pimcore/admin-ui-classic-bundle
Pimcore's Admin Classic Bundle is Missing Function Level Authorization on "Predefined Properties" Listing 6 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-m3r2-724c-pwgf
  • Packagist/pimcore/pimcore
Pimcore is Vulnerable to Broken Access Control: Missing Function Level Authorization on "Static Routes" Listing 6 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-595p-g7xc-c333
  • Packagist/algolia/algoliasearch-magento-2
Algolia Search & Discovery for Magento 2 Has Untrusted Data Handling 14 Jan
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-qvr7-7g55-69xj
  • Packagist/pimcore/pimcore
Pimcore Has an Incomplete Patch for CVE-2023-30848 14 Jan
  • Fix available
  • Severity - 8.8 (High)
DRUPAL-CONTRIB-2026-005
  • Packagist:https://packages.drupal.org/8/drupal/social_auth_entra_id
See record for full details 14 Jan
  • Fix available