Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Remote Code Execution (RCE)
facade/ignition <2.5.2 Composer 13 Jan, 2021
  • M
Cross-site Scripting (XSS)
rails_admin <1.4.3,>=2.0.0, <2.0.2 RubyGems 13 Jan, 2021
  • M
Cross-site Request Forgery (CSRF)
jupyterhub [0,] pip 13 Jan, 2021
  • M
Insecure Permissions
github.com/openshift/machine-config-operator/pkg/server * Go 12 Jan, 2021
  • M
Regular Expression Denial of Service (ReDoS)
glob-parent * npm 12 Jan, 2021
  • M
Regular Expression Denial of Service (ReDoS)
org.webjars.npm:glob-parent [0,] Maven 12 Jan, 2021
  • M
Regular Expression Denial of Service (ReDoS)
org.webjars.bowergithub.es128:glob-parent [0,] Maven 12 Jan, 2021
  • M
Improper Certificate Validation
node-sass >=2.0.0 <4.14.1 npm 12 Jan, 2021
  • M
Improper Certificate Validation
org.webjars.npm:node-sass [0,] Maven 12 Jan, 2021
  • H
Improper Authentication
com.alibaba.nacos:nacos-config [0,) Maven 12 Jan, 2021
  • M
Heap-based Buffer Overflow
pillow [6.0.0,8.0.1) pip 12 Jan, 2021
  • H
Cross-site Scripting (XSS)
redcarpet <3.5.1 RubyGems 12 Jan, 2021
  • M
Cross-site Request Forgery (CSRF)
forkcms/forkcms <5.8.3 Composer 11 Jan, 2021
  • M
Race Condition
org.netbeans.html:webkit [,1.7.1) Maven 11 Jan, 2021
  • H
Authentication Bypass
proxy.py [,2.3.1) pip 11 Jan, 2021
  • H
Deserialization of Untrusted Data
com.caucho:hessian [2.5.0, 2.6.9),[2.7.0, 2.7.8) Maven 11 Jan, 2021
  • M
Improper Input Validation
github.com/gogo/protobuf/plugin/unmarshal <1.3.2 Go 11 Jan, 2021
  • H
Cross-site Request Forgery (CSRF)
flask-security-too [3.3.0, 3.4.5) pip 10 Jan, 2021
  • M
Information Exposure
sylius/sylius <1.3.16,>=1.4.0, <1.4.12,>=1.5, <1.5.9,>=1.6.0, <1.6.5 Composer 10 Jan, 2021
  • M
Open Redirect
github.com/pterodactyl/wings/router/downloader <1.2.3 Go 10 Jan, 2021
  • H
Denial of Service (DoS)
socket.io-parser <3.3.2,>3.4.0 <3.4.1 npm 08 Jan, 2021
  • H
Denial of Service (DoS)
org.webjars.npm:socket.io-parser [,3.4.1) Maven 08 Jan, 2021
  • H
Denial of Service (DoS)
engine.io <4.0.0 npm 08 Jan, 2021
  • H
Denial of Service (DoS)
org.webjars.npm:engine.io [0,] Maven 08 Jan, 2021
  • H
Denial of Service (DoS)
org.webjars.bower:engine.io [0,] Maven 08 Jan, 2021
  • H
Command Injection
ts-process-promises * npm 08 Jan, 2021
  • H
Command Injection
buns * npm 08 Jan, 2021
  • M
Insecure Defaults
socket.io <2.4.0 npm 07 Jan, 2021
  • M
Insecure Defaults
org.webjars.npm:socket.io [0,] Maven 07 Jan, 2021
  • M
Insecure Defaults
org.webjars.bower:socket.io [0,] Maven 07 Jan, 2021