Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-78vg-7v27-hj67
  • Packagist/damienharper/auditor-bundle
auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped 2 days ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-f4wh-359g-4pq7
  • Packagist/topthink/framework
ThinkPHP deserialization vulnerability 2 days ago
  • No fix available
  • Severity - 9.3 (Critical)
GHSA-6j75-5wfj-gh66
  • Packagist/twig/twig
Twig has a possible sandbox bypass 2 days ago
  • Fix available
  • Severity - 5.8 (Medium)
GHSA-28h4-788g-rh42
  • Packagist/craftcms/cms
Craft CMS vulnerable to stored XSS in breadcrumb list and title fields 2 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-gcfg-hmwx-wq5h
  • Packagist/nategood/httpful
Httpful is Missing Certificate Validation 2 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-hq76-662x-7mw4
  • Packagist/pimcore/data-importer
  • Packagist/pimcore/admin-ui-classic-bundle
  • Packagist/pimcore/pimcore
Pimcore includes vulnerable PHPOffice/PhpSpreadsheet 03 Sep
  • Fix available
  • Severity - 8.7 (High)
GHSA-p652-xcgx-f85m
  • Packagist/in2code/powermail
"powermail" (powermail) Insecure Direct Object Reference (IDOR) 29 Aug
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-ghg6-32f9-2jp7
  • Packagist/phpoffice/phpspreadsheet
XXE in PHPSpreadsheet encoding is returned 29 Aug
  • Fix available
  • Severity - 8.7 (High)
GHSA-wgmf-q9vr-vww6
  • Packagist/phpoffice/phpspreadsheet
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information 29 Aug
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-jm9m-rqr3-wfmh
  • Packagist/getkirby/cms
Kirby has insufficient permission checks in the language settings 29 Aug
  • Fix available
  • Severity - 8.8 (High)
GHSA-xp68-7g33-f49m
  • Packagist/feehi/cms
FeehiCMS User[avatar] unrestricted upload 29 Aug
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-3wrg-6mg5-jg2v
  • Packagist/feehi/cms
FeehiCMS BannerForm[img] unrestricted upload 29 Aug
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-mg8j-w93w-xjgc
  • Not specified
Drupal Full Path Disclosure 29 Aug
  • No fix available
GHSA-xxqw-83c7-r24r
  • Packagist/feehi/cms
FeehiCMS file upload vulnerability 29 Aug
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-9jqr-5x45-pgw8
  • Packagist/in2code/powermail
Powermail TYPO3 extension Broken Access Control in the OutputController 29 Aug
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-34qg-65m4-f23m
  • Packagist/froxlor/froxlor
Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD> 23 Aug
  • Fix available
  • Severity - 8.4 (High)