Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Authentication Bypass
drupal/drupal <8.5.15,>=8.6.0, <8.6.16 Composer 18 Apr, 2019
  • M
Authentication Bypass
drupal/core <8.5.15,>=8.6.0, <8.6.16 Composer 18 Apr, 2019
  • M
Arbitrary Code Execution
drupal/drupal <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Arbitrary Code Execution
drupal/core <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Cross-site Scripting (XSS)
drupal/drupal <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Cross-site Scripting (XSS)
drupal/core <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Information Exposure
contao/core-bundle >=4.4.0, <4.4.31,>=4.6.0, <4.6.11 Composer 17 Apr, 2019
  • M
Information Exposure
contao/core >=3.0, <3.5.37 Composer 17 Apr, 2019
  • M
Information Exposure
contao/contao >=4.4.0, <4.4.31,>=4.6.0, <4.6.11 Composer 17 Apr, 2019
  • M
Cross-site Request Forgery (CSRF)
contao/core-bundle >=4.7.0, <4.7.3 Composer 15 Apr, 2019
  • L
Security Issue
contao/core-bundle >4.4.0, <4.4.37,>4.7.0, <4.7.3 Composer 15 Apr, 2019
  • L
Information Exposure
contao/core-bundle >=4.7.0, <4.7.3 Composer 15 Apr, 2019
  • L
Security Issue
contao/core <3.5.39 Composer 15 Apr, 2019
  • M
Open Redirect
elgg/elgg <1.12.18,<2.3.11 Composer 09 Apr, 2019
  • H
Arbitrary Code Injection
erusev/parsedown <1.7.2 Composer 07 Apr, 2019
  • M
Cross Site Request Forgery (CSRF)
bolt/bolt <=3.6.6 Composer 05 Apr, 2019
  • M
Script Injections
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information Exposure
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information Disclousure
magento/core <1.9.4.1 Composer 02 Apr, 2019
  • M
Information Disclousure
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information Exposure
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Information disclosure
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Request Forgery (CSRF)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1, <2.1.17,>=2.2, <2.2.8,>=2.3, <2.3.1 Composer 02 Apr, 2019