Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
HTTP Request Redirection
padraic/file_get_contents <1.1.2 Composer 14 Feb, 2018
  • M
Security Bypass
simplesamlphp/simplesamlphp <1.14.17 Composer 12 Feb, 2018
  • H
Information Exposure
simplesamlphp/simplesamlphp >=1.7.0, <1.14.11 Composer 12 Feb, 2018
  • H
Authentication Bypass
simplesamlphp/simplesamlphp <1.14.14 Composer 12 Feb, 2018
  • H
Authentication Bypass
simplesamlphp/simplesamlphp <1.14.14 Composer 12 Feb, 2018
  • M
Authentication Bypass
simplesamlphp/simplesamlphp <1.15.2 Composer 12 Feb, 2018
  • M
Cross-site Scripting (XSS)
moodle/moodle >=3.1, <3.1.10,>=3.2, <3.2.7,>=3.3, <3.3.4 Composer 12 Feb, 2018
  • M
Server Side Request Forgery (SSRF)
moodle/moodle >=3.1, <3.1.10,>=3.2, <3.2.7,>=3.3, <3.3.4,>=3.4, <3.4.1 Composer 12 Feb, 2018
  • M
Denial of Service (DoS)
simplesamlphp/saml2 <1.10.4,>=2.0.0, <2.3.5,>=3.0.0, <3.1.1 Composer 11 Feb, 2018
  • M
Man-in-the-Middle (MitM)
phpmyadmin/phpmyadmin <4.5.5.1 Composer 11 Feb, 2018
  • M
Blacklist Bypass
moodle/moodle >=3.4, <3.4.1,>=3.3, <3.3.4,>=3.2, <3.2.7 Composer 11 Feb, 2018
  • M
Arbitrary E-mail Header Injection
moodle/moodle <1.9.16,>=2.0.0, <2.0.7,>=2.1.0, <2.1.4,>=2.2.0, <2.2.1 Composer 11 Feb, 2018
  • M
Information Exposure
moodle/moodle >=3.4, <3.4.1,>=3.3, <=3.3.3,>=3.2, <=3.2.6,>= 3.1, <=3.1.9 Composer 11 Feb, 2018
  • L
Open Redirect
simplesamlphp/simplesamlphp < 1.15.2 Composer 06 Feb, 2018
  • M
Information Exposure
simplesamlphp/simplesamlphp <1.14.13 Composer 06 Feb, 2018
  • M
Cross-Site Scripting (XSS)
ezsystems/ezpublish-legacy <2017.08.0 Composer 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
shopware/shopware >=5.2.0, <5.3.7 Composer 23 Jan, 2018
  • M
Cross-site Scripting (XSS)
contao/newsletter-bundle >=4.0.0, <4.1.0 Composer 22 Jan, 2018
  • M
Cross-site Scripting (XSS)
contao/core >=3.0.0, <3.5.32 Composer 22 Jan, 2018
  • H
Timing Attack
gree/jose <2.2.1 Composer 20 Dec, 2017
  • M
Regular Expression Denial of Service (ReDoS)
mobiledetect/mobiledetectlib <2.8.27 Composer 10 Dec, 2017
  • H
Configuration Modification
october/october =1.0.412 Composer 07 Dec, 2017
  • M
SQL Injection
zetacomponents/mail <1.8.2 Composer 04 Dec, 2017
  • M
Open Redirect
symfony/symfony >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017
  • H
Cross-site Request Forgery (CSRF)
symfony/symfony >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017
  • H
Directory Traversal
symfony/symfony >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017
  • L
Information Exposure
symfony/symfony >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017
  • M
Open Redirect
symfony/security-http >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017
  • H
Cross-site Request Forgery (CSRF)
symfony/security-csrf >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017
  • H
Directory Traversal
symfony/intl >=2.7.0, <2.7.38,>=2.8.0, <2.8.31,>=3, <3.1.0,>=3.1.0, <3.2.0,>=3.2.0, <3.2.14,>=3.3.0, <3.3.13,>=3.4-BETA0, <3.4-BETA5,>=4.0-BETA0, <4.0-BETA5 Composer 04 Dec, 2017