Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • M
Authentication Bypass 		drupal/drupal <8.5.15,>=8.6.0, <8.6.16 Composer 18 Apr, 2019
  • M
Authentication Bypass 		drupal/core <8.5.15,>=8.6.0, <8.6.16 Composer 18 Apr, 2019
  • M
Arbitrary Code Execution 		drupal/drupal <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Arbitrary Code Execution 		drupal/core <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Cross-site Scripting (XSS) 		drupal/drupal <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Cross-site Scripting (XSS) 		drupal/core <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Information Exposure 		contao/core-bundle >=4.4.0, <4.4.31,>=4.6.0, <4.6.11 Composer 17 Apr, 2019
  • M
Information Exposure 		contao/core >=3.0, <3.5.37 Composer 17 Apr, 2019
  • M
Information Exposure 		contao/contao >=4.4.0, <4.4.31,>=4.6.0, <4.6.11 Composer 17 Apr, 2019
  • M
Cross-site Request Forgery (CSRF) 		contao/core-bundle >=4.7.0, <4.7.3 Composer 15 Apr, 2019
  • L
Security Issue 		contao/core-bundle >4.4.0, <4.4.37,>4.7.0, <4.7.3 Composer 15 Apr, 2019
  • L
Information Exposure 		contao/core-bundle >=4.7.0, <4.7.3 Composer 15 Apr, 2019
  • L
Security Issue 		contao/core <3.5.39 Composer 15 Apr, 2019
  • M
Open Redirect 		elgg/elgg <1.12.18,<2.3.11 Composer 09 Apr, 2019
  • H
Arbitrary Code Injection 		erusev/parsedown <1.7.2 Composer 07 Apr, 2019
  • M
Cross Site Request Forgery (CSRF) 		bolt/bolt <=3.6.6 Composer 05 Apr, 2019
  • M
Script Injections 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information Exposure 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information Disclousure 		magento/core <1.9.4.1 Composer 02 Apr, 2019
  • M
Information Disclousure 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information Exposure 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information disclosure 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Request Forgery (CSRF) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS) 		magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
Subscribe to RSS feed