Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

High Security Advisories for pimcore/pimcore Clear Filters

High
8 months ago

Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document GSA_kwCzR0hTQS14cjNtLTZncTYtMjJjZ84ABD57

packagist pimcore/pimcore
High
about 1 year ago

Pimcore includes vulnerable PHPOffice/PhpSpreadsheet GSA_kwCzR0hTQS1ocTc2LTY2MngtN213NM4AA_QC

packagist pimcore/pimcore, pimcore/admin-ui-classic-bundle, pimcore/data-importer
High
over 1 year ago

Flooding Server with Thumbnail files GSA_kwCzR0hTQS0yNzdjLTV2dmotOXB3eM4AA8ss

packagist pimcore/pimcore
High
almost 2 years ago

Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt() GSA_kwCzR0hTQS03MmhoLXhmNzktNDI5cM4AA3ML

packagist pimcore/pimcore
High
about 2 years ago

Pimcore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor GSA_kwCzR0hTQS1yODdyLTk4MnEtMmMzcc4AA01l

packagist pimcore/pimcore
High
about 2 years ago

Pimcore vulnerable to SQL Injection in Dataobjects sorting GSA_kwCzR0hTQS1jOWh3LTU1N3EtZjhocc4AA01k

packagist pimcore/pimcore
High
about 2 years ago

Pimcore SQL Injection vulnerability GSA_kwCzR0hTQS1yeHA1LXF3cmYtcGZ2M84AA0ta

packagist pimcore/pimcore
High
over 2 years ago

SQL Injection in AssetController GSA_kwCzR0hTQS00eDM1LXZyODIteHZqNs4AAy_6

packagist pimcore/pimcore
High
over 2 years ago

SQL Injection in Admin Translations API GSA_kwCzR0hTQS1qd2c0LXFjZ3YtNXdnNs4AAy_2

packagist pimcore/pimcore
High
over 2 years ago

SQL Injection in Translation Export API GSA_kwCzR0hTQS14bWc4LXc0NjUtbXI1Ns4AAy_1

packagist pimcore/pimcore
High
over 2 years ago

SQL Injection in Admin Search Find API GSA_kwCzR0hTQS02bWhtLWdjcGYtNWdyOM4AAy_0

packagist pimcore/pimcore
High
over 2 years ago

Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model GSA_kwCzR0hTQS14YzlwLXI1cWotOHhtOc4AAyK5

packagist pimcore/pimcore
High
over 2 years ago

SameSite Attribute vulnerability in pimCore GSA_kwCzR0hTQS1yMnZxLXA2NTgtcDI3NM4AAxlx

packagist pimcore/pimcore
High
over 3 years ago

Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore GSA_kwCzR0hTQS1ndm1mLXdjeDYtcDk3NM4AAs60

packagist pimcore/pimcore
High
over 3 years ago

Pimcore Discloses Usernames In Use GSA_kwCzR0hTQS04ODg5LTlnM2YtNzNyas4AAitK

packagist pimcore/pimcore
High
over 3 years ago

Pimcore Unrestricted Upload of File with Dangerous Type GSA_kwCzR0hTQS1jeGo3LTRqcGotMnEzOM4AAiD2

packagist pimcore/pimcore
High
over 3 years ago

Pimcore RCE via PHAR upload GSA_kwCzR0hTQS0zNTJ4LWhjMmYtZndmZs4AAiD6

packagist pimcore/pimcore
High
over 3 years ago

Pimcore Vulnerable to PHP Object Injection Attacks GSA_kwCzR0hTQS1nN3BqLTN2OTctM3Z4cM4AAems

packagist pimcore/pimcore
High
over 3 years ago

Pimcore CSRF Vulnerability GSA_kwCzR0hTQS1nbWZmLXZjdjYtbW1mcs4AAVvS

packagist pimcore/pimcore
High
over 3 years ago

Pimcore Unserialize Remote Code Execution GSA_kwCzR0hTQS03aHFyLWoyNm0tZ213cM4AAQnJ

packagist pimcore/pimcore
High
over 3 years ago

SQL Injection found in Pimcore GSA_kwCzR0hTQS0ydjdwLWY0cW0tcjVwY80_rw

packagist pimcore/pimcore
High
over 3 years ago

SQL Injection in Pimcore GSA_kwCzR0hTQS1tajJjLTVtanYtZ21tas07WA

packagist pimcore/pimcore
High
over 3 years ago

SQL Injection in Pimcore GSA_kwCzR0hTQS02Z203LWo2NjgtdzZoOc05sw

packagist pimcore/pimcore
High
over 3 years ago

pimcore is vulnerable to SQL Injection GSA_kwCzR0hTQS12ajl4LXc3Y2gtZjQ2cM0kBw

packagist pimcore/pimcore
High
over 3 years ago

Unrestricted Upload of File with Dangerous Type in pimcore GSA_kwCzR0hTQS1jNjk3LXIyMjctcHE2aM0kag

packagist pimcore/pimcore
High
about 4 years ago

Improper Neutralization of Text-Values in Object Version Preview GSA_kwCzR0hTQS13Nmo4LWpjMzYteDVxOc0Vhw

packagist pimcore/pimcore
High
about 4 years ago

Improper Encoding or Escaping of Output in Asset Metadata Component GSA_kwCzR0hTQS0ydjg4LXFxN3gteHE1Zs0ViA

packagist pimcore/pimcore
High
about 4 years ago

SQL injection in pimcore/pimcore MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4angtNjZwOC12Y20y

packagist pimcore/pimcore
High
over 4 years ago

SQL Injection in pimcore MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqbWgtYzZ2ci1wbXZt

packagist pimcore/pimcore
High
over 4 years ago

Path traversal in pimcore/pimcore MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3ZjktY3ZoNS1xdzdm

packagist pimcore/pimcore

Filter by Severity

Moderate 10,450 High 8,231 Critical 3,380 Low 1,524

Filter by Ecosystem

maven 2,205 pypi 1,763 npm 1,673 packagist 1,404 go 993 nuget 883 cargo 393 rubygems 301 actions 19 swift 18 hex 11 pub 5

Filter by Package

Microsoft.ChakraCore 234 tensorflow 122 tensorflow-gpu 112 tensorflow-cpu 111 magento/community-edition 80 moodle/moodle 61 org.jenkins-ci.main:jenkins-core 56 com.fasterxml.jackson.core:jackson-databind 43 Django 42 typo3/cms 35 dolibarr/dolibarr 34 librenms/librenms 32 drupal/core 32 org.apache.tomcat:tomcat 31 github.com/rancher/rancher 31 pimcore/pimcore 30 mlflow 30 apache-airflow 29 Plone 29 salt 29 phpmyadmin/phpmyadmin 28 typo3/cms-core 28 microweber/microweber 27 nokogiri 26 drupal/drupal 25 ansible 24 com.liferay.portal:release.portal.bom 23 org.apache.struts:struts2-core 23 opencv-python 23 opencv-contrib-python 22 com.thoughtworks.xstream:xstream 22 com.jfinal:jfinal 21 symfony/symfony 21 thorsten/phpmyfaq 20 matrix-synapse 20 org.jenkins-ci.plugins:script-security 19 com.liferay.portal:release.dxp.bom 19 pocketmine/pocketmine-mp 18 org.apache.tomcat.embed:tomcat-embed-core 18 github.com/hashicorp/vault 18 magento/project-community-edition 18 Pillow 18 pillow 18 io.undertow:undertow-core 17 github.com/grafana/grafana 17 gradio 17 rdiffweb 17 django 16 openssl-src 16 getgrav/grav 16 parse-server 16 keystone 15 github.com/hashicorp/consul 15 nilsteampassnet/teampass 15 open-webui 15 org.xwiki.platform:xwiki-platform-oldcore 15 org.keycloak:keycloak-core 14 craftcms/cms 14 Microsoft.AspNetCore.App.Runtime.win-x86 14 vyper 14 Microsoft.AspNetCore.App.Runtime.win-x64 14 centreon/centreon 14 net.mingsoft:ms-mcms 14 github.com/usememos/memos 14 shopware/platform 14 org.keycloak:keycloak-services 13 org.apache.solr:solr-core 13 Microsoft.AspNetCore.App.Runtime.win-arm 13 Microsoft.NetCore.App.Runtime.win-arm 13 Microsoft.AspNetCore.App.Runtime.linux-arm64 13 rubygems-update 13 Microsoft.NetCore.App.Runtime.win-arm64 13 mindsdb 13 apache-superset 13 Microsoft.AspNetCore.App.Runtime.linux-arm 13 shopware/core 13 golang.org/x/net 13 phpoffice/phpspreadsheet 12 activerecord 12 baserproject/basercms 12 electron 12 silverstripe/framework 12 Microsoft.NetCore.App.Runtime.win-x86 12 Microsoft.AspNetCore.App.Runtime.win-arm64 12 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 12 Microsoft.NetCore.App.Runtime.win-x64 12 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 12 org.apache.openmeetings:openmeetings-parent 12 mautic/core 12 org.keycloak:keycloak-parent 11 github.com/argoproj/argo-cd/v2 11 Microsoft.AspNetCore.App.Runtime.linux-x64 11 intelliants/subrion 11 cockpit-hq/cockpit 11 froxlor/froxlor 11 org.springframework.security:spring-security-core 11 github.com/argoproj/argo-cd 11 github.com/hashicorp/nomad 11 directus 11 gogs.io/gogs 11 github.com/zitadel/zitadel 11 next 11 Microsoft.AspNetCore.App.Runtime.osx-x64 11 snipe/snipe-it 10 github.com/traefik/traefik/v2 10 surrealdb 10 laravel/framework 10 deno 10 k8s.io/kubernetes 10 openmage/magento-lts 10 nova 10 github.com/ollama/ollama 10 actionpack 10 funadmin/funadmin 10 github.com/nats-io/nats-server/v2 10 org.apache.geode:geode-core 9 aim 9 org.apache.nifi:nifi 9 Microsoft.NetCore.App.Runtime.linux-musl-arm 9 org.apache.struts.xwork:xwork-core 9 litellm 9 Microsoft.NetCore.App.Runtime.linux-arm64 9 h2o 9 org.apache.tomcat:tomcat-catalina 9 Microsoft.NetCore.App.Runtime.linux-x64 9 zendframework/zendframework1 9 neutron 9 Microsoft.NetCore.App.Runtime.linux-arm 9 lollms 9 ckb 9 cobbler 9 org.cloudfoundry.identity:cloudfoundry-identity-server 9 github.com/ethereum/go-ethereum 9 mercurial 9 Microsoft.NetCore.App.Runtime.linux-musl-x64 9 flowise 9 rusqlite 9 org.apache.hadoop:hadoop-main 9 rack 9 Microsoft.NetCore.App.Runtime.linux-musl-arm64 9 cryptography 8 github.com/sylabs/singularity 8 moin 8 yeswiki/yeswiki 8 phpbb/phpbb 8 @anthropic-ai/claude-code 8 composer/composer 8 ai.h2o:h2o-core 8 org.craftercms:crafter-studio 8 Microsoft.NetCore.App.Runtime.osx-arm64 8 github.com/mattermost/mattermost/server/v8 8 Microsoft.AspNetCore.App.Runtime.linux-musl-arm 8 pyload-ng 8 smarty/smarty 8 october/system 8 plone 8 Microsoft.NetCore.App.Runtime.osx-x64 8 org.eclipse.jetty:jetty-server 8 org.springframework:spring-core 8 github.com/docker/docker 8 org.elasticsearch:elasticsearch 7 @strapi/strapi 7 strapi 7 cakephp/cakephp 7 codeigniter4/framework 7 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 7 org.jenkins-ci.plugins.workflow:workflow-cps 7 Microsoft.NETCore.App.Runtime.win-x86 7 org.apache.inlong:manager-pojo 7 contao/core-bundle 7 Microsoft.NETCore.App.Runtime.win-x64 7 cn.hutool:hutool-core 7 Microsoft.NETCore.App.Runtime.win-arm64 7 OPCFoundation.NetStandard.Opc.Ua.Core 7 apollo-router 7 org.bouncycastle:bcprov-jdk15on 7 DotNetNuke.Core 7 k8s.io/ingress-nginx 7 golang.org/x/crypto 7 mantisbt/mantisbt 7 ryu 7 phpmailer/phpmailer 7 com.xuxueli:xxl-job 7 opencv-python-headless 7 tar 7 org.apache.dolphinscheduler:dolphinscheduler 7 magento/core 6 prestashop/prestashop 6 sized-chunks 6 org.apache.camel:camel-core 6 kiwitcms 6 express-cart 6 contao/contao 6 Microsoft.AspNetCore.App.Runtime.osx-arm64 6 github.com/hyperledger/fabric 6 mediawiki/core 6 phpseclib/phpseclib 6 matrix-js-sdk 6 @openzeppelin/contracts 6 Magick.NET-Q8-x86 6

Filter by Repository

https://github.com/pimcore/pimcore 28 https://github.com/nu11secur1ty/CVE-nu11secur1ty 1