Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Cross-Site Scripting (XSS)
typo3/cms >=8.0.0, <8.7.25,>=9.0.0, <9.5.6 Composer 08 May, 2019
  • M
Cross-site Scripting (XSS)
impresscms/impresscms <1.3.11 Composer 06 May, 2019
  • L
Open Redirect
revive-adserver/revive-adserver <4.2.0 Composer 06 May, 2019
  • H
Deserialization of Untrusted Data
revive-adserver/revive-adserver <4.2.0 Composer 06 May, 2019
  • M
Arbitrary File Read
librenms/librenms <1.31 Composer 06 May, 2019
  • M
Remote Code Execution (RCE)
laravel/framework <5.6.30 Composer 05 May, 2019
  • H
Denial of Service (DoS)
phpbb <3.2.6 Composer 02 May, 2019
  • M
SQL injection
contao/core-bundle >=4.1.0, <4.4.39,>=4.5.0, <4.7.5 Composer 30 Apr, 2019
  • H
Command Injection
librenms/librenms >=1.46 Composer 25 Apr, 2019
  • M
Deserialization of Untrusted Data
symfony/symfony >=2.8.0, <2.8.50,>=4.0.0, <4.1.0,>=3.4.0, <3.4.26,>=3.1.0, <3.2.0,>=4.1.0, <4.1.12,>=3.0.0, <3.1.0,>=3.3.0, <3.4.0,>=3.2.0, <3.3.0 Composer 24 Apr, 2019
  • M
Arbitrary Code Execution
symfony/symfony >=2.7.0, <2.7.51,>=2.8.0, <2.8.50,>=4.0.0, <4.1.0,>=3.4.0, <3.4.26,>=3.1.0, <3.2.0,>=4.1.0, <4.1.12,>=3.0.0, <3.1.0,>=3.3.0, <3.4.0,>=3.2.0, <3.3.0 Composer 24 Apr, 2019
  • M
Access Restriction Bypass
drupal/commerce >=2.0.0, <2.9.0 Composer 24 Apr, 2019
  • M
Deserialization of Untrusted Data
cakephp/cakephp >=3.6.0, <3.6.15,>=3.7.0, <3.7.7,>=3.0.0, <3.5.18 Composer 24 Apr, 2019
  • M
Improper Input Validation
symfony/symfony >=2.7.0, <2.7.51,>=2.8.0, <2.8.50,>=4.0.0, <4.1.0,>=3.4.0, <3.4.26,>=3.1.0, <3.2.0,>=4.1.0, <4.1.12,>=3.0.0, <3.1.0,>=3.3.0, <3.4.0,>=3.2.0, <3.3.0 Composer 24 Apr, 2019
  • M
Cross-site Scripting (XSS)
symfony/symfony >=2.7.0, <2.7.51,>=2.8.0, <2.8.50,>=4.0.0, <4.1.0,>=3.4.0, <3.4.26,>=3.1.0, <3.2.0,>=4.1.0, <4.1.12,>=3.0.0, <3.1.0,>=3.3.0, <3.4.0,>=3.2.0, <3.3.0 Composer 24 Apr, 2019
  • M
Access Control Bypass
symfony/symfony >=2.7.0, <2.7.51,>=2.8.0, <2.8.50,>=4.0.0, <4.1.0,>=3.4.0, <3.4.26,>=3.1.0, <3.2.0,>=4.1.0, <4.1.12,>=3.0.0, <3.1.0,>=3.3.0, <3.4.0,>=3.2.0, <3.3.0 Composer 24 Apr, 2019
  • M
Access Control Bypass
symfony/security-http >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Access Control Bypass
symfony/security >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Arbitrary Code Execution
symfony/proxy-manager-bridge >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Deserialization of Untrusted Data
symfony/phpunit-bridge >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Improper Input Validation
symfony/http-foundation >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Cross-site Scripting (XSS)
symfony/framework-bundle >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Arbitrary Code Execution
symfony/dependency-injection >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Deserialization of Untrusted Data
symfony/cache >=4.2.0, <4.2.7 Composer 24 Apr, 2019
  • M
Authentication Bypass
drupal/drupal <8.5.15,>=8.6.0, <8.6.16 Composer 18 Apr, 2019
  • M
Authentication Bypass
drupal/core <8.5.15,>=8.6.0, <8.6.16 Composer 18 Apr, 2019
  • M
Arbitrary Code Execution
drupal/drupal <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Arbitrary Code Execution
drupal/core <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Cross-site Scripting (XSS)
drupal/drupal <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019
  • M
Cross-site Scripting (XSS)
drupal/core <8.5.15,>=8.6.0, <8.6.15 Composer 18 Apr, 2019