Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Cross-site Request Forgery (CSRF)
phpmyadmin/phpmyadmin <4.7.7 Composer 18 Feb, 2018
  • M
Cross-site Scripting (XSS)
lavalite/cms >=0.0.0 Composer 18 Feb, 2018
  • M
Cross-site Scripting (XSS)
dolibarr/dolibarr >=0.0.0 Composer 18 Feb, 2018
  • H
Denial of Service (DoS) via XML External Entity (XXE) Injection
desperado/xml-bundle >=0.0.0 Composer 18 Feb, 2018
  • M
Cross-site Scripting (XSS)
croogo/croogo >=0.0.0 Composer 18 Feb, 2018
  • M
Cross-site Scripting (XSS)
cnvs/canvas >=0.0.0 Composer 18 Feb, 2018
  • L
Prototype Pollution
assign-deep <0.4.7 npm 16 Feb, 2018
  • L
Prototype Pollution
defaults-deep <0.2.4 npm 16 Feb, 2018
  • L
Prototype Pollution
merge-deep <3.0.1 npm 16 Feb, 2018
  • L
Prototype Pollution
mixin-deep <1.3.1 npm 16 Feb, 2018
  • M
Regular Expression Denial of Service (ReDoS)
valid-data-url <0.1.5 npm 15 Feb, 2018
  • M
Regular Expression Denial of Service (ReDoS)
ssri <5.2.2 npm 15 Feb, 2018
  • H
Regular Expression Denial of Service (ReDoS)
q-io <1.13.5 npm 15 Feb, 2018
  • H
Regular Expression Denial of Service (ReDoS)
nicest <1.1.3 npm 15 Feb, 2018
  • M
Regular Expression Denial of Service (ReDoS)
mimer <0.3.0 npm 15 Feb, 2018
  • H
Regular Expression Denial of Service (ReDoS)
jquery.csssr.validation <0.0.26 npm 15 Feb, 2018
  • L
Regular Expression Denial of Service (ReDoS)
is-my-json-valid <1.4.1 || >=2.0.0 >=2.17.2 npm 15 Feb, 2018
  • H
Regular Expression Denial of Service (ReDoS)
htmllint <0.7.2 npm 15 Feb, 2018
  • H
Regular Expression Denial of Service (ReDoS)
dirty-json <0.5.2 npm 15 Feb, 2018
  • H
Regular Expression Denial of Service (ReDoS)
citeproc <2.1.184 npm 15 Feb, 2018
  • H
Host Spoofing
org.apache.jmeter:apachejmeter [2.0,4.0) Maven 15 Feb, 2018
  • M
Insecure Credential Comparison
safe-compare <1.1.1 npm 14 Feb, 2018
  • H
Arbitrary Command Execution
pullit <1.4.0 npm 14 Feb, 2018
  • L
Prototype Pollution
lodash <4.17.5 npm 14 Feb, 2018
  • H
Cross-site Scripting (XSS)
html-janitor * npm 14 Feb, 2018
  • L
Prototype Pollution
hoek <4.2.1 || >=5.0.0 <5.0.3 npm 14 Feb, 2018
  • M
Cross-site Scripting (XSS)
dijit * npm 14 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.jbpm:jbpm-console-ng-human-tasks-client [6.0.0,6.1.0) Maven 14 Feb, 2018
  • H
Authentication Bypass
github.com/snapcore/snapd/daemon >=2.27 <2.29.3 Go 14 Feb, 2018
  • H
Denial of Service (DoS)
github.com/miekg/dns <1.0.4 Go 14 Feb, 2018