Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • M
Information Exposure 		symfony/symfony >=2.7.38, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9,>=4.2.0, <4.2.1 Composer 10 Dec, 2018
  • M
Information Exposure 		symfony/security >=2.7.38, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9,>=4.2.0, <4.2.1 Composer 10 Dec, 2018
  • M
Information Exposure 		symfony/form >=2.7.38, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9,>=4.2.0, <4.2.1 Composer 10 Dec, 2018
  • M
Open Redirect 		symfony/symfony >=2.7.0, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9 Composer 10 Dec, 2018
  • M
Open Redirect 		symfony/security-http >=2.7.0, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9 Composer 10 Dec, 2018
  • M
Open Redirect 		symfony/security >=2.7.0, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9 Composer 10 Dec, 2018
  • M
Cross-site Scripting (XSS) 		athlon1600/php-proxy-app >=0.0.0 Composer 07 Dec, 2018
  • M
Cross-site Scripting (XSS) 		athlon1600/php-proxy-app >=0.0.0 Composer 07 Dec, 2018
  • M
Cross-site Scripting (XSS) 		getkirby/kirby >=0.0.0 Composer 07 Dec, 2018
  • H
Deserialization of Untrusted Data 		ezsystems/ezpublish-legacy >=5.4.0, <5.4.12.3,>=5.3.0, <5.3.12.6,>=2011.0.0, <2017.12.4.3,>=2018.6.0, <2018.6.1.4,>=2018.9.0, <2018.9.1.3 Composer 29 Nov, 2018
  • H
Arbitrary Command Execution 		yoast/wordpress-seo <9.2.0 Composer 29 Nov, 2018
  • M
Information Exposure 		ezsystems/ezpublish-kernel >=5.3.0, <5.3.12.1,>=5.4.0, <5.4.13.1,>=6.0.0, <6.7.9.1,>=6.8.0, <6.13.5.1,>=7.0.0, <7.2.4.1,>=7.3.0, <7.3.2.1 Composer 28 Nov, 2018
  • M
Cross-site Request Forgery (CSRF) 		moodle/moodle <3.1.15,>=3.2.0, <3.3.9,>=3.4.0, <3.4.6,>=3.5.0, <3.5.3 Composer 28 Nov, 2018
  • M
Privilege Escalation 		ezsystems/ezplatform <1.7.8.1,>=1.8.0, <1.13.4.1,>=2.0.0, <2.2.3.1,>=2.3.0, <2.3.2.1 Composer 28 Nov, 2018
  • L
Information Exposure 		ezsystems/repository-forms >=2.3.0, <2.3.2.1 Composer 28 Nov, 2018
  • H
Arbitrary Code Execution 		intelliants/subrion >=0.0.0 Composer 22 Nov, 2018
  • M
Information Exposure 		flarum/core <0.1.0 Composer 19 Nov, 2018
  • M
XML External Entity (XXE) Injection 		phpoffice/phpspreadsheet <1.5.1 Composer 19 Nov, 2018
  • H
Arbitrary Object injection 		phpmailer/phpmailer >=5.0.0, <5.2.27,>=6.0.0, <6.0.6 Composer 19 Nov, 2018
  • M
Denial of Service (DoS) 		symfony/polyfill >=1.0.0, <1.10.0 Composer 04 Nov, 2018
  • M
Authentication Bypass 		ezsystems/ezpublish-legacy >=5.4.0, <5.4.12.1,>=2017.12.0, <2017.12.4.1,>=5.3.0, <5.3.12.4,>=2018.6.0, <2018.6.1.2,>=2018.9.0, <2018.9.1.1 Composer 04 Nov, 2018
  • M
Denial of Service (DoS) 		symfony/polyfill-php55 >=1.0.0, <1.10.0 Composer 04 Nov, 2018
  • M
Cross-site Scripting (XSS) 		ezsystems/ezpublish-legacy >=5.3.0, <5.3.12.5,>=5.4.0, <5.4.12.2,>=2017.12.0, <2017.12.4.2,>=2018.6.0, <2018.6.1.3,>=2018.9.0, <2018.9.1.2 Composer 04 Nov, 2018
  • M
Cross-site Scripting (XSS) 		librenms/librenms <1.44 Composer 30 Oct, 2018
  • H
Remote Code Execution 		drupal/drupal >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Remote Code Execution 		drupal/core >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Remote Code Execution 		drupal/drupal >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Remote Code Execution 		drupal/core >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Open Redirect 		drupal/core >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Open Redirect 		drupal/drupal >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
Subscribe to RSS feed