Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • L
Arbitrary File Write via Archive Extraction (Zip Slip) 		github.com/cockroachdb/cockroach/pkg/workload/querylog <19.2.0-beta.20190930 Go 11 Oct, 2019
  • L
Arbitrary File Write via Archive Extraction (Zip Slip) 		github.com/rclone/rclone/cmd/rcd <1.49.4 Go 11 Oct, 2019
  • L
Arbitrary File Write via Archive Extraction (Zip Slip) 		github.com/uber/prototool/internal/protoc * Go 11 Oct, 2019
  • L
Arbitrary File Write via Archive Extraction (Zip Slip) 		github.com/uber/astro/astro/tvm <0.5.0 Go 11 Oct, 2019
  • H
Cross-site Scripting (XSS) 		craftcms/cms <3.3.8 Composer 11 Oct, 2019
  • M
Relative Path Overwrite (RPO) 		swagger-ui <3.23.11 npm 11 Oct, 2019
  • H
Remote Code Execution (RCE) 		magento/community-edition >=2.2.0, <2.2.10,>=2.3.0, <2.3.2-p2 Composer 11 Oct, 2019
  • H
Remote Code Execution (RCE) 		magento/community-edition >=2.2.0, <2.2.10,>=2.3.0, <2.3.2-p2 Composer 11 Oct, 2019
  • H
Remote Code Execution (RCE) 		magento/community-edition >=2.1.0, <2.1.19,>=2.2.0, <2.2.10,>=2.3.0, <2.3.2-p2 Composer 11 Oct, 2019
  • H
Remote Code Execution (RCE) 		magento/community-edition >=2.2.0, <2.2.10,>=2.3.0, <2.3.2-p2 Composer 11 Oct, 2019
  • H
Remote Code Execution (RCE) 		magento/community-edition >=2.2.0, <2.2.10,>=2.3.0, <2.3.2-p2 Composer 11 Oct, 2019
  • M
Buffer Over-read 		liblnk-python [0,) pip 10 Oct, 2019
  • H
Directory Traversal 		koji [,1.14.3),[1.15.0,1.15.3),[1.16.0,1.16.3),[1.17.0,1.17.1),[1.18.0,1.18.1) pip 10 Oct, 2019
  • M
Information Exposure 		mongoose <5.7.5 npm 10 Oct, 2019
  • H
SQL injection 		centreon/centreon >=2.8.0, <2.8.28,>=18.10.0, <18.10.4 Composer 09 Oct, 2019
  • H
Incorrect Permissions 		netaddr <2.0.4 RubyGems 09 Oct, 2019
  • M
Regular Expression Denial of Service (ReDoS) 		simple-markdown * npm 09 Oct, 2019
  • H
Information Exposure 		centreon/centreon >=0.0.0 Composer 09 Oct, 2019
  • H
Cross-site Scripting (XSS) 		centreon/centreon >=2.8.0, <2.8.28,>=18.10.0, <18.10.5 Composer 09 Oct, 2019
  • M
Regular Expression Denial of Service (ReDoS) 		markdown-it <10.0.0 npm 09 Oct, 2019
  • H
Arbitrary File Upload 		centreon/centreon >=18.10.0, <18.10.4 Composer 09 Oct, 2019
  • M
Remote Code Execution (RCE) 		microsoft.chakracore [,1.111.4) NuGet 09 Oct, 2019
  • L
Cookie Theft 		centreon/centreon >=0.0.0 Composer 09 Oct, 2019
  • H
Remote Code Execution (RCE) 		centreon/centreon >=2.8.0, <2.8.27,>=18.10.0, <18.10.4 Composer 09 Oct, 2019
  • M
Use of Insufficiently Random Values 		centreon/centreon >=2.8.0, <18.10.5 Composer 09 Oct, 2019
  • H
SQL Injection 		centreon/centreon >=2.8.0, <2.8.27,>=18.10.0, <18.10.4 Composer 09 Oct, 2019
  • M
Authentication Bypass 		centreon/centreon >=2.8.0, <2.8.28,>=18.10.0, <18.10.4 Composer 09 Oct, 2019
  • M
Denial of Service (DoS) 		aubio >=0.0.0 cocoapods 09 Oct, 2019
  • H
Out-of-Bounds 		aubio >=0.0.0 cocoapods 09 Oct, 2019
  • M
Denial of Service (DoS) 		aubio-ios-sdk >=0.0.0 cocoapods 09 Oct, 2019