Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Arbitrary E-mail Header Injection
moodle/moodle <1.9.16,>=2.0.0, <2.0.7,>=2.1.0, <2.1.4,>=2.2.0, <2.2.1 Composer 11 Feb, 2018
  • M
Information Exposure
moodle/moodle >=3.4, <3.4.1,>=3.3, <=3.3.3,>=3.2, <=3.2.6,>= 3.1, <=3.1.9 Composer 11 Feb, 2018
  • M
Denial of Service (DoS)
org.jboss.netty:netty [,3.9.1.Final] Maven 06 Feb, 2018
  • M
Information Exposure
omniauth < 1.3.2 RubyGems 06 Feb, 2018
  • H
Information Exposure
pycrypto >=0.0.0 pip 06 Feb, 2018
  • M
URL Spoofing
electron <1.7.6 npm 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.sling:org.apache.sling.xss [,2.0.4) Maven 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.sling:org.apache.sling.xss.compat [,2.0.4) Maven 06 Feb, 2018
  • M
Arbitrary File Import
org.apache.sling:org.apache.sling.jcr.contentloader [,2.1.6) Maven 06 Feb, 2018
  • H
Authentication Bypass
org.apache.sling:org.apache.sling.auth.core [1.4,1.4.2) Maven 06 Feb, 2018
  • M
Host Header Injection
org.apache.nifi:nifi [,1.5.0) Maven 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.nifi:nifi-web-utils [,1.5.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-web-security [,1.4.0) Maven 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.nifi:nifi-web-error [,1.5.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-web-api [,1.4.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-update-attribute-model [,1.4.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-security-utils [,1.4.0) Maven 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.nifi:nifi-jetty [,1.5.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-framework-core [,1.4.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-framework-cluster [,1.4.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-file-authorizer [,1.4.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-framework-cluster-protocol [,1.4.0) Maven 06 Feb, 2018
  • H
Deserialization of Untrusted Data
org.apache.nifi:nifi-authorizer [,1.4.0) Maven 06 Feb, 2018
  • M
Information Exposure
org.apache.hadoop:hadoop-mapreduce [, 2.8.3), [3.0.0-alpha, 3.0.0) Maven 06 Feb, 2018
  • L
Open Redirect
simplesamlphp/simplesamlphp < 1.15.2 Composer 06 Feb, 2018
  • M
Information Exposure
simplesamlphp/simplesamlphp <1.14.13 Composer 06 Feb, 2018
  • M
Cross-Site Scripting (XSS)
ezsystems/ezpublish-legacy <2017.08.0 Composer 06 Feb, 2018
  • H
Symlink privilege escalation
org.springframework.boot:spring-boot-loader-tools [1.5.0,1.5.10),[2.0.0.M1,2.0.0.RC1) Maven 06 Feb, 2018
  • H
Access Restriction Bypass
safemode < 1.3.3 RubyGems 31 Jan, 2018
  • M
Man-in-the-Middle (MitM)
net-ldap <0.16.0 RubyGems 31 Jan, 2018