Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Information Exposure
symfony/symfony >=2.7.38, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9,>=4.2.0, <4.2.1 Composer 10 Dec, 2018
  • M
Information Exposure
symfony/security >=2.7.38, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9,>=4.2.0, <4.2.1 Composer 10 Dec, 2018
  • M
Information Exposure
symfony/form >=2.7.38, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9,>=4.2.0, <4.2.1 Composer 10 Dec, 2018
  • M
Open Redirect
symfony/symfony >=2.7.0, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9 Composer 10 Dec, 2018
  • M
Open Redirect
symfony/security-http >=2.7.0, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9 Composer 10 Dec, 2018
  • M
Open Redirect
symfony/security >=2.7.0, <2.7.50,>=2.8.0, <2.8.49,>=3.0.0, <3.4.20,>=4.0.0, <4.0.15,>=4.1.0, <4.1.9 Composer 10 Dec, 2018
  • M
Cross-site Scripting (XSS)
athlon1600/php-proxy-app >=0.0.0 Composer 07 Dec, 2018
  • M
Cross-site Scripting (XSS)
athlon1600/php-proxy-app >=0.0.0 Composer 07 Dec, 2018
  • M
Cross-site Scripting (XSS)
getkirby/kirby >=0.0.0 Composer 07 Dec, 2018
  • H
Deserialization of Untrusted Data
ezsystems/ezpublish-legacy >=5.4.0, <5.4.12.3,>=5.3.0, <5.3.12.6,>=2011.0.0, <2017.12.4.3,>=2018.6.0, <2018.6.1.4,>=2018.9.0, <2018.9.1.3 Composer 29 Nov, 2018
  • H
Arbitrary Command Execution
yoast/wordpress-seo <9.2.0 Composer 29 Nov, 2018
  • M
Information Exposure
ezsystems/ezpublish-kernel >=5.3.0, <5.3.12.1,>=5.4.0, <5.4.13.1,>=6.0.0, <6.7.9.1,>=6.8.0, <6.13.5.1,>=7.0.0, <7.2.4.1,>=7.3.0, <7.3.2.1 Composer 28 Nov, 2018
  • M
Cross-site Request Forgery (CSRF)
moodle/moodle <3.1.15,>=3.2.0, <3.3.9,>=3.4.0, <3.4.6,>=3.5.0, <3.5.3 Composer 28 Nov, 2018
  • M
Privilege Escalation
ezsystems/ezplatform <1.7.8.1,>=1.8.0, <1.13.4.1,>=2.0.0, <2.2.3.1,>=2.3.0, <2.3.2.1 Composer 28 Nov, 2018
  • L
Information Exposure
ezsystems/repository-forms >=2.3.0, <2.3.2.1 Composer 28 Nov, 2018
  • H
Arbitrary Code Execution
intelliants/subrion >=0.0.0 Composer 22 Nov, 2018
  • M
Information Exposure
flarum/core <0.1.0 Composer 19 Nov, 2018
  • M
XML External Entity (XXE) Injection
phpoffice/phpspreadsheet <1.5.1 Composer 19 Nov, 2018
  • H
Arbitrary Object injection
phpmailer/phpmailer >=5.0.0, <5.2.27,>=6.0.0, <6.0.6 Composer 19 Nov, 2018
  • M
Denial of Service (DoS)
symfony/polyfill >=1.0.0, <1.10.0 Composer 04 Nov, 2018
  • M
Authentication Bypass
ezsystems/ezpublish-legacy >=5.4.0, <5.4.12.1,>=2017.12.0, <2017.12.4.1,>=5.3.0, <5.3.12.4,>=2018.6.0, <2018.6.1.2,>=2018.9.0, <2018.9.1.1 Composer 04 Nov, 2018
  • M
Denial of Service (DoS)
symfony/polyfill-php55 >=1.0.0, <1.10.0 Composer 04 Nov, 2018
  • M
Cross-site Scripting (XSS)
ezsystems/ezpublish-legacy >=5.3.0, <5.3.12.5,>=5.4.0, <5.4.12.2,>=2017.12.0, <2017.12.4.2,>=2018.6.0, <2018.6.1.3,>=2018.9.0, <2018.9.1.2 Composer 04 Nov, 2018
  • M
Cross-site Scripting (XSS)
librenms/librenms <1.44 Composer 30 Oct, 2018
  • H
Remote Code Execution
drupal/drupal >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Remote Code Execution
drupal/core >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Remote Code Execution
drupal/drupal >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Remote Code Execution
drupal/core >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Open Redirect
drupal/core >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018
  • H
Open Redirect
drupal/drupal >=7.0.0, <7.60,>=8.0.0, <8.5.8,>=8.6.0, <8.6.2 Composer 22 Oct, 2018