Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.8.11.5),[2.9.0,2.9.10.3) Maven 11 Feb, 2020
  • M
Cross-site Scripting (XSS)
org.keycloak:keycloak-server-spi-private [,8.0.2) Maven 11 Feb, 2020
  • H
Insecure Randomness
org.webjars.bower:crypto-js [0,] Maven 11 Feb, 2020
  • H
Insecure Randomness
org.webjars.bowergithub.brix:crypto-js [0,] Maven 11 Feb, 2020
  • H
Insecure Randomness
org.webjars.npm:crypto-js [0,] Maven 11 Feb, 2020
  • H
Insecure Randomness
crypto-js <3.2.1 npm 11 Feb, 2020
  • M
Remote Code Execution (RCE)
net.sourceforge.htmlunit:htmlunit [,2.37.0) Maven 11 Feb, 2020
  • M
Prototype Pollution
@hapi/hoek <8.5.1,>=9.0.0 <9.0.3 npm 11 Feb, 2020
  • H
Denial of Service (DoS)
github.com/hashicorp/consul/agent <1.6.3 Go 10 Feb, 2020
  • H
Denial of Service (DoS)
github.com/hashicorp/consul/agent/consul <1.6.3 Go 10 Feb, 2020
  • M
Denial of Service (DoS)
github.com/revel/revel >=0.0.0 Go 10 Feb, 2020
  • H
Cross Site Scripting (XSS)
sockjs <0.3.0 npm 10 Feb, 2020
  • L
Improper Input Validation
script-manager >=0.8.6 <0.9.0 npm 07 Feb, 2020
  • H
Malicious Package
omniauth-weibo-oauth2 >=0.4.6, <0.5.0 RubyGems 07 Feb, 2020
  • H
Cross Site Scripting (XSS)
dojox >=1.16.0 <1.16.1,>=1.15.0 <1.15.2,>=1.4.0 <1.14.5,>=1.13.0 <1.13.6,>=1.12.0 <1.12.7,<1.11.9 npm 07 Feb, 2020
  • M
Cross-site Scripting (XSS)
ezsystems/ezfind-ls >=5.4.0, <5.4.11.1,>=5.3.0, <5.3.6.1 Composer 06 Feb, 2020
  • M
Improper Validation
ezsystems/ezplatform >=1.13.0, <1.13.5.1,>=2.5.0, <2.5.4,>=1.7.0, <1.7.9.1 Composer 06 Feb, 2020
  • L
Cross-site Request Forgery (CSRF)
ezsystems/ezplatform >=2.5.0, <2.5.4 Composer 06 Feb, 2020
  • M
Insecure Configuration
ezsystems/ezplatform >=1.13.0, <1.13.5.1,>=2.5.0, <2.5.4,>=1.7.0, <1.7.9.1 Composer 06 Feb, 2020
  • M
Brute Force
ezsystems/ezplatform-admin-ui >=1.4.0, <1.4.6 Composer 06 Feb, 2020
  • M
Brute Force
ezsystems/ezplatform-user >=1.0.0, <1.0.1 Composer 06 Feb, 2020
  • H
Command Injection
promise-probe <0.10.0 npm 06 Feb, 2020
  • L
Improper Verification of Cryptographic Signature
tuf [,0.12.2) pip 05 Feb, 2020
  • H
Internal Property Tampering
taffy * npm 05 Feb, 2020
  • H
Command Injection
curling * npm 05 Feb, 2020
  • H
Unauthorised File Access
harp * npm 05 Feb, 2020
  • H
Cross-site Scripting (XSS)
silverstripe/admin >=1.0.3, <1.0.4,>=1.1.0, <1.1.1 Composer 05 Feb, 2020
  • M
Session Hijacking
silverstripe/framework >=3.5.0, <3.5.6,>=3.6.0, <3.6.3 Composer 05 Feb, 2020
  • L
Improper Restriction of Excessive Authentication Attempts
silverstripe/framework >=3.1.18, <3.1.19,>=3.2.3, <3.2.4,>=3.3.1, <3.3.2 Composer 05 Feb, 2020
  • H
Unrestricted Upload
silverstripe/framework >=3.6.5, <3.6.6,>=4.0.3, <4.0.4,>=4.1.0, <4.1.1 Composer 05 Feb, 2020