Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
114592
AlmaLinux
2825
Alpine
3446
Android
890
Bitnami
3986
CRAN
10
crates.io
1363
Debian
9901
GIT
30147
GitHub Actions
16
Go
2204
Hackage
18
Hex
30
Linux
13573
Maven
4901
npm
14473
NuGet
589
OSS-Fuzz
3319
Packagist
3668
Pub
8
PyPI
12049
Rocky Linux
1192
RubyGems
790
SwiftURL
31
Ubuntu
5163
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-p572-p2rj-q5f4
NuGet/Umbraco.Forms
Umbraco Forms components vulnerable to Stored Cross-site Scripting
13.0.0
12.0.0
12.1.0
12.1.0-rc1
12.1.1
12.1.2
12.2.0
...
2024-05-28T20:40:31Z
Fix available
GHSA-j6cv-98jx-mrwr
PyPI/mocodo
Mocodo vulnerable to SQL injection in `/web/generate.php`
2.0.0
2.0.0rc1
2.0.1
2.0.10
2.0.11
2.0.12
2.0.13
...
2024-05-28T20:20:37Z
Fix available
GHSA-fjr2-r2mp-484p
Packagist/simplesamlphp/simplesamlphp
SimpleSAMLphp signature validation bypass
v1.12.0
v1.13.0
v1.13.0-rc1
v1.13.0-rc2
v1.13.1
v1.13.2
v1.14.0
...
2024-05-28T19:29:37Z
Fix available
GHSA-7wh8-jrq7-p27f
Packagist/simplesamlphp/simplesamlphp
SimpleSAMLphp exposes credentials in session storage
1.16.0
1.16.1
1.16.2
2024-05-28T18:28:53Z
Fix available
GHSA-v858-922f-fj9v
Packagist/simplesamlphp/simplesamlphp
SimpleSAMLphp Link Injection vulnerability
v1.12.0
v1.13.0
v1.13.0-rc1
v1.13.0-rc2
v1.13.1
v1.13.2
v1.14.0
...
2024-05-28T18:26:35Z
Fix available
GHSA-xc69-p8fc-m6m5
Packagist/silverstripe/subsites
silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source)
2.0.0
2.0.1
2.0.2
2.1.0
2024-05-28T18:23:17Z
Fix available
GHSA-p2v5-xcqm-4fv6
Packagist/silverstripe/taxonomy
silverstripe/taxonomy SQL Injection vulnerability
1.3.0
2.0.0
2024-05-28T17:29:03Z
Fix available
GHSA-55pp-293f-3365
Packagist/silverstripe/userforms
silverstripe/userforms file upload exposure on UserForms module
0.5.1
1.0.1
1.1.0-beta
2.0.1
2.0.1-rc1
2.0.10
2.0.2
...
2024-05-28T17:21:00Z
Fix available
GHSA-8fmj-33gw-g7pw
Go/github.com/stacklok/minder
Denial of service of Minder Server from maliciously crafted GitHub attestations
See details.
2024-05-28T16:55:02Z
Fix available
GHSA-gx8m-f3mp-fg99
Packagist/getformwork/formwork
formwork Cross-site scripting vulnerability in Markdown fields
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.5
0.11.0
...
2024-05-28T16:54:31Z
Fix available
GO-2024-2572
Go/cosmossdk.io/x/auth
Vesting account creation on blocked address in cosmossdk.io/x/auth
See details.
2024-05-28T16:10:17Z
No fix available
GHSA-8c8q-2xw3-j869
RubyGems/rack-contrib
rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter
0.9.0
0.9.2
1.0.0
1.0.1
1.1.0
1.2.0
1.2.0.39.g17d21b4
...
2024-05-28T15:48:43Z
Fix available
GHSA-g3hr-p86p-593h
Maven/org.openapitools:openapi-generator-online
OpenAPI Generator Online - Arbitrary File Read/Delete
3.0.0
3.0.1
3.0.2
3.0.3
3.1.0
3.1.1
3.1.2
...
2024-05-28T15:47:57Z
Fix available
GHSA-7r3j-qmr4-jfpj
RubyGems/kaminari
Kaminari Insecure File Permissions Vulnerability
0.15.0
0.15.1
0.16.0
0.16.1
2024-05-28T15:47:00Z
Fix available
GHSA-wjg9-v8cf-f5q2
Packagist/silverstripe/graphql
silverstripe/graphql Cross-Site Request Forgery vulnerability
2.0.0
2.0.1
2.0.2
2024-05-28T13:13:11Z
Fix available
GHSA-265q-222x-52m6
Packagist/silverstripe/framework
silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector
4.0.0
4.0.0-rc1
4.0.0-rc2
4.0.0-rc3
4.0.1
4.0.1-rc1
4.0.2
...
2024-05-28T13:01:48Z
Fix available
Load more...
Vulnerability Database - OSV