Browse Security Advisories
Moderate Security Advisories for symfony/symfony Clear Filters
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.ranger:ranger
maven
org.apache.ranger:ranger
Moderate
almost 7 years ago
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML
maven
org.apache.ranger:ranger
Moderate
almost 7 years ago
Apache Tomcat Race Condition vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago
Apache Tomcat information exposure vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago
Apache Tomcat unauthorized access vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago
Apache Tomcat Open Redirect vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
maven
org.bouncycastle:bcprov-jdk15on
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
maven
org.bouncycastle:bcprov-jdk15on
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
maven
org.bouncycastle:bcprov-jdk15on
Moderate
almost 7 years ago
Moderate severity vulnerability that affects io.vertx:vertx-core
maven
io.vertx:vertx-core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.tika:tika-core
maven
org.apache.tika:tika-core
Moderate
almost 7 years ago
Comparison errorr in org.apache.tika:tika-core
maven
org.apache.tika:tika-core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.tika:tika-core
maven
org.apache.tika:tika-core
Moderate
almost 7 years ago
Apache Tika Server exposes sensitive information
maven
org.apache.tika:tika-server
Moderate
almost 7 years ago
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
maven
org.apache.tika:tika-parsers
Moderate
almost 7 years ago
Denial of service vulnerability in org.apache.httpcomponents:httpclient
maven
org.apache.httpcomponents:httpclient
Moderate
almost 7 years ago
Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient
maven
org.apache.httpcomponents:httpclient
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.restlet.jse:org.restlet
maven
org.restlet.jse:org.restlet
Moderate
almost 7 years ago
Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object
maven
org.apache.camel:camel-core
Moderate
almost 7 years ago
Apache Camel XML External Entity vulnerability
maven
org.apache.camel:camel-core
Moderate
almost 7 years ago
Apache Camel's Mail is vulnerable to path traversal
maven
org.apache.camel:camel-mail
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.ignite:ignite-core
maven
org.apache.ignite:ignite-core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects apache axis
maven
axis:axis, org.apache.axis:axis
Moderate
almost 7 years ago
Improper Validation of Certificates in apache axis
maven
axis:axis, org.apache.axis:axis
Moderate
almost 7 years ago
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and Microsoft.AspNetCore.Server.Kestrel.Core
nuget
Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.App
Moderate
almost 7 years ago
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, and Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv
nuget
Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, Microsoft.AspNetCore.Server.Kestrel.Core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc and Microsoft.AspNetCore.Mvc.Core
nuget
Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Moderate
almost 7 years ago
OPC UA applications can allow a remote attacker to determine a Server's private key
nuget
OPCFoundation.NetStandard.Opc.Ua
Moderate
almost 7 years ago
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc
nuget
Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Moderate
almost 7 years ago
Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua
nuget
OPCFoundation.NetStandard.Opc.Ua
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.qpid:proton-j
maven
org.apache.qpid:proton-j
Moderate
almost 7 years ago
Improper Input Validation in org.apache.qpid:qpid-broker
maven
org.apache.qpid:qpid-broker
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.juddi:juddi-client
maven
org.apache.juddi:juddi-client
Moderate
almost 7 years ago
Apache Struts Improper Input Validation vulnerability
maven
org.apache.struts:struts2-core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
maven
org.apache.struts:struts2-rest-plugin
Moderate
almost 7 years ago
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN)
nuget
DotNetNuke.Core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects DotNetNuke.Core
nuget
DotNetNuke.Core
Moderate
almost 7 years ago
Moderate severity vulnerability that affects org.springframework:spring-core
maven
org.springframework:spring-core
Moderate
almost 7 years ago
Spring Framework Cross Site Tracing (XST)
maven
org.springframework:spring-web
Moderate
almost 7 years ago
ZipSlip in org.apache.storm:storm-core
maven
org.apache.storm:storm-core
Moderate
almost 7 years ago
Next.js has cross site scripting (XSS) vulnerability via the 404 or 500 /_error page
npm
next
Moderate
almost 7 years ago
In marshmallow library the schema "only" option treats an empty list as implying no "only" option
pypi
marshmallow
Moderate
almost 7 years ago
Django allows unprivileged users to read the password hashes of arbitrary accounts
pypi
django
Moderate
about 7 years ago
mayan-edms Cross-site Scripting vulnerability
pypi
mayan-edms-ng, mayan-edms
Moderate
about 7 years ago
Tinfoil Devise-two-factor does not "burn" a successfully validated one-time password (OTP)
rubygems
devise-two-factor
Moderate
about 7 years ago
metascraper before v5.2.0 vulnerable to stored cross-site scripting
npm
metascraper
Moderate
about 7 years ago
Sandbox Breakout / Arbitrary Code Execution in static-eval
npm
static-eval
Moderate
about 7 years ago
Json-jwt did not verify the cryptographic signature for data
rubygems
json-jwt
Moderate
about 7 years ago
Macro in MathJax running untrusted Javascript within a web browser
npm
mathjax
Filter by Severity
Filter by Ecosystem
maven
3,255
packagist
2,965
pypi
2,025
npm
1,380
go
1,307
nuget
433
cargo
421
rubygems
420
hex
16
swift
11
actions
8
pub
2
Filter by Package
moodle/moodle
307
tensorflow
200
tensorflow-cpu
188
tensorflow-gpu
181
magento/community-edition
167
org.jenkins-ci.main:jenkins-core
148
typo3/cms
124
com.liferay.portal:release.portal.bom
104
org.apache.tomcat:tomcat
96
pimcore/pimcore
87
github.com/mattermost/mattermost/server/v8
84
com.liferay.portal:release.dxp.bom
82
microweber/microweber
72
typo3/cms-core
70
silverstripe/framework
66
phpmyadmin/phpmyadmin
56
dolibarr/dolibarr
55
drupal/core
51
github.com/usememos/memos
50
thorsten/phpmyfaq
47
concrete5/concrete5
46
actionpack
45
apache-superset
45
apache-airflow
44
librenms/librenms
43
Django
39
drupal/drupal
38
showdoc/showdoc
34
picklescan
34
org.elasticsearch:elasticsearch
34
magento/project-community-edition
33
mantisbt/mantisbt
33
org.keycloak:keycloak-core
32
github.com/grafana/grafana
31
craftcms/cms
31
github.com/mattermost/mattermost-server/v6
30
symfony/symfony
30
github.com/mattermost/mattermost-server
29
plone
29
nova
29
snipe/snipe-it
27
intelliants/subrion
27
mautic/core
27
moin
27
baserproject/basercms
26
ansible
25
k8s.io/kubernetes
24
Plone
23
shopware/platform
23
directus
23
github.com/answerdev/answer
21
org.keycloak:keycloak-services
21
github.com/hashicorp/vault
21
nilsteampassnet/teampass
21
mediawiki/core
20
froxlor/froxlor
20
gradio
20
django
20
grumpydictator/firefly-iii
20
org.apache.struts:struts2-core
19
github.com/cilium/cilium
19
shopware/shopware
19
matrix-synapse
19
remdex/livehelperchat
18
salt
17
shopware/core
17
DotNetNuke.Core
17
contao/core-bundle
17
getkirby/cms
17
github.com/argoproj/argo-cd/v2
17
github.com/docker/docker
16
zendframework/zendframework1
16
prestashop/prestashop
16
rdiffweb
16
io.undertow:undertow-core
15
yetiforce/yetiforce-crm
15
github.com/hashicorp/nomad
15
vyper
15
org.opencms:opencms-core
15
rack
15
org.apache.jspwiki:jspwiki-main
15
tinymce
14
org.xwiki.platform:xwiki-platform-oldcore
14
glance
14
github.com/hashicorp/consul
14
org.apache.tomcat.embed:tomcat-embed-core
14
forkcms/forkcms
13
puppet
13
nokogiri
13
org.springframework.security:spring-security-core
13
typo3/cms-backend
13
com.jfinal:jfinal
13
com.thoughtworks.xstream:xstream
13
keystone
13
github.com/goharbor/harbor
13
tribalsystems/zenario
13
github.com/openfga/openfga
13
helm.sh/helm/v3
12
wallabag/wallabag
12
roundup
12
simplesamlphp/simplesamlphp
12
transformers
12
next
12
ckeditor4
11
org.eclipse.jetty:jetty-server
11
@openzeppelin/contracts
11
github.com/traefik/traefik/v2
11
bootstrap
11
ec-cube/ec-cube
11
getgrav/grav
11
@openzeppelin/contracts-upgradeable
11
github.com/containerd/containerd
11
github.com/argoproj/argo-cd
11
feehi/feehicms
11
activesupport
11
github.com/ethereum/go-ethereum
11
lavalite/cms
11
TinyMCE
11
org.bouncycastle:bcprov-jdk15on
11
tinymce/tinymce
11
genix/cms
11
ghost
11
github.com/greenpau/caddy-security
10
fat_free_crm
10
PaddlePaddle
10
com.vaadin:vaadin-bom
10
org.apache.jspwiki:jspwiki-war
10
vite
10
OctoPrint
10
notebook
10
electron
10
opencart/opencart
10
joplin
10
com.liferay.portal:com.liferay.portal.impl
10
vllm
10
org.apache.solr:solr-core
10
aiohttp
10
francoisjacquet/rosariosis
10
silverstripe/cms
10
org.apache.nifi:nifi
10
zendframework/zendframework
10
phpoffice/phpspreadsheet
10
org.keycloak:keycloak-parent
10
bolt/bolt
10
laravel/framework
10
surrealdb
10
org.springframework:spring-core
10
open-webui
9
org.mortbay.jetty:jetty
9
code.gitea.io/gitea
9
org.apache.activemq:activemq-client
9
gogs.io/gogs
9
pimcore/admin-ui-classic-bundle
9
cakephp/cakephp
9
pyftpdlib
9
calibreweb
9
contao/contao
9
urllib3
9
org.igniterealtime.openfire:parent
9
angular
9
rubygems-update
9
org.opencrx:opencrx-core-models
9
github.com/rancher/rancher
9
horizon
9
org.jenkins-ci.plugins:git
9
wasmtime
9
publify_core
9
org.jenkins-ci.plugins:script-security
9
pyload-ng
8
phpbb/phpbb
8
org.apache.ranger:ranger
8
org.apache.archiva:archiva
8
org.opensearch.plugin:opensearch-security
8
org.jenkins-ci.plugins:subversion
8
mlflow
8
sulu/sulu
8
onionshare-cli
8
neutron
8
parse-server
8
alextselegidis/easyappointments
8
impresscms/impresscms
8
modoboa
8
sylius/sylius
8
opencv-contrib-python
8
github.com/kubeedge/kubeedge
8
github.com/mattermost/mattermost-plugin-confluence
8
activerecord
8
github.com/traefik/traefik/v3
8
camaleon_cms
8
centreon/centreon
8
editor.md
8
phpmyfaq/phpmyfaq
8
github.com/cri-o/cri-o
8
opencv-python
8
Microsoft.ChakraCore
8
org.jenkins-ci.plugins:electricflow
8
rails-html-sanitizer
8
twisted
7
in2code/femanager
7
org.opennms:opennms
7
Filter by Repository
https://github.com/tensorflow/tensorflow
200
https://github.com/moodle/moodle
186
https://github.com/liferay/liferay-portal
115
https://github.com/jenkinsci/jenkins
109
https://github.com/pimcore/pimcore
85
https://github.com/TYPO3/typo3
64
https://github.com/microweber/microweber
63
https://github.com/apache/tomcat
62
https://github.com/usememos/memos
50
https://github.com/silverstripe/silverstripe-framework
50
https://github.com/xwiki/xwiki-platform
50
https://github.com/django/django
50
https://github.com/rails/rails
46
https://github.com/thorsten/phpmyfaq
45
https://github.com/apache/airflow
43
https://github.com/keycloak/keycloak
42
https://github.com/kubernetes/kubernetes
40
https://github.com/librenms/librenms
40
https://github.com/mmaitre314/picklescan
34
https://github.com/star7th/showdoc
32
https://github.com/mantisbt/mantisbt
32
https://github.com/concretecms/concretecms
28
https://github.com/mautic/mautic
27
https://github.com/symfony/symfony
27
https://github.com/grafana/grafana
27
https://github.com/ansible/ansible
26
https://github.com/phpmyadmin/phpmyadmin
26
https://github.com/spring-projects/spring-framework
26
https://github.com/craftcms/cms
26
https://github.com/directus/directus
24
https://github.com/mattermost/mattermost
24
https://github.com/argoproj/argo-cd
24
https://github.com/umbraco/Umbraco-CMS
23
https://github.com/Dolibarr/dolibarr
22
https://github.com/shopware/shopware
21
https://github.com/answerdev/answer
21
https://github.com/magento/magento2
20
https://github.com/firefly-iii/firefly-iii
20
https://github.com/apache/activemq
20
https://github.com/snipe/snipe-it
20
https://github.com/plone/Products.CMFPlone
20
https://github.com/cilium/cilium
19
https://github.com/livehelperchat/livehelperchat
18
https://github.com/contao/contao
18
https://github.com/openstack/nova
18
https://github.com/shopware/platform
17
https://github.com/apache/struts
17
https://github.com/gradio-app/gradio
16
https://github.com/ikus060/rdiffweb
16
https://github.com/matrix-org/synapse
16
https://github.com/netty/netty
15
https://github.com/getkirby/kirby
15
https://github.com/vyperlang/vyper
15
https://github.com/CVEProject/cvelist
15
https://github.com/apache/cxf
15
https://github.com/TYPO3/TYPO3.CMS
14
https://github.com/geoserver/geoserver
14
https://github.com/baserproject/basercms
14
https://github.com/OpenNMS/opennms
14
https://github.com/yetiforcecompany/yetiforcecrm
14
https://github.com/x-stream/xstream
14
https://github.com/froxlor/froxlor
14
https://github.com/tinymce/tinymce
14
https://github.com/saltstack/salt
14
https://github.com/PaddlePaddle/Paddle
14
https://github.com/moby/moby
14
https://github.com/apache/nifi
13
https://github.com/openfga/openfga
13
https://github.com/goharbor/harbor
13
https://github.com/nilsteampassnet/TeamPass
13
https://github.com/PrestaShop/PrestaShop
13
https://github.com/octobercms/october
13
https://github.com/go-gitea/gitea
13
https://github.com/huggingface/transformers
12
https://github.com/helm/helm
12
https://github.com/rack/rack
12
https://github.com/bcgit/bc-java
12
https://github.com/traefik/traefik
12
https://github.com/containerd/containerd
12
https://github.com/TYPO3-CMS/core
12
https://github.com/laravel/framework
11
https://github.com/ckeditor/ckeditor4
11
https://github.com/intelliants/subrion
11
https://github.com/surrealdb/surrealdb
11
https://github.com/OpenZeppelin/openzeppelin-contracts
11
https://github.com/forkcms/forkcms
11
https://github.com/github/advisory-database
11
https://github.com/electron/electron
11
https://github.com/vaadin/platform
11
https://github.com/strapi/strapi
11
https://github.com/ethereum/go-ethereum
11
https://github.com/apache/zeppelin
11
https://github.com/openstack/keystone
11
https://github.com/backstage/backstage
10
https://github.com/TryGhost/Ghost
10
https://github.com/bytecodealliance/wasmtime
10
https://github.com/decidim/decidim
10
https://github.com/laurent22/joplin
10
https://github.com/liufee/cms
10
https://github.com/vercel/next.js
10
https://github.com/wallabag/wallabag
10
https://github.com/simplesamlphp/simplesamlphp
10
https://github.com/vitejs/vite
10
https://github.com/PHPOffice/PhpSpreadsheet
10
https://github.com/greenpau/caddy-security
10
https://github.com/hashicorp/consul
10
https://github.com/aio-libs/aiohttp
10
https://github.com/vllm-project/vllm
9
https://github.com/puppetlabs/puppet
9
https://github.com/dnnsoftware/Dnn.Platform
9
https://github.com/thorsten/phpMyFAQ
9
https://github.com/jenkinsci/git-plugin
9
https://github.com/dpgaspar/Flask-AppBuilder
9
https://github.com/rancher/rancher
9
https://github.com/alkacon/opencms-core
9
https://github.com/urllib3/urllib3
9
https://github.com/pimcore/admin-ui-classic-bundle
9
https://github.com/publify/publify
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/jquery/jquery
9
https://github.com/rubygems/rubygems
8
https://github.com/apache/superset
8
https://github.com/onionshare/onionshare
8
https://github.com/nilsteampassnet/teampass
8
https://github.com/modoboa/modoboa
8
https://github.com/sulu/sulu
8
https://github.com/sparklemotion/nokogiri
8
https://github.com/hashicorp/nomad
8
https://github.com/kubeedge/kubeedge
8
https://github.com/rails/rails-html-sanitizer
8
https://github.com/dotnet/runtime
8
https://github.com/pandao/editor.md
8
https://github.com/denoland/deno
8
https://github.com/LavaLite/cms
8
https://github.com/OctoPrint/OctoPrint
8
https://github.com/openstack/glance
8
https://github.com/getgrav/grav
8
https://github.com/eclipse/jetty.project
8
https://github.com/dolibarr/dolibarr
8
https://github.com/opensearch-project/security
8
https://github.com/zendframework/zendframework
8
https://github.com/pyload/pyload
8
https://github.com/parse-community/parse-server
8
https://github.com/swagger-api/swagger-ui
8
https://github.com/gogs/gogs
8
https://github.com/opencast/opencast
8
https://github.com/vaadin/flow
7
https://github.com/chakra-core/ChakraCore
7
https://github.com/google/fscrypt
7
https://github.com/dragonflyoss/dragonfly
7
https://github.com/containers/podman
7
https://github.com/OPCFoundation/UA-.NETStandard
7
https://github.com/croogo/croogo
7
https://github.com/nahsra/antisamy
7
https://github.com/modxcms/revolution
7
https://github.com/janeczku/calibre-web
7
https://github.com/jeecgboot/jeecg-boot
7
https://github.com/opencv/opencv
7
https://github.com/jupyter/notebook
7
https://github.com/twbs/bootstrap
7
https://github.com/igniterealtime/Openfire
7
https://github.com/opencontainers/runc
7
https://github.com/hashicorp/vault
7
https://github.com/n8n-io/n8n
7
https://github.com/matrix-org/matrix-rust-sdk
7
https://github.com/zitadel/zitadel
7
https://github.com/Leantime/leantime
7
https://github.com/vega/vega
7
https://github.com/Sylius/Sylius
7
https://github.com/openstack/horizon
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/scrapy/scrapy
7
https://github.com/undertow-io/undertow
7
https://github.com/python-pillow/Pillow
7
https://github.com/nocodb/nocodb
7
https://github.com/kevinpapst/kimai2
7
https://github.com/NodeBB/NodeBB
6
https://github.com/openbao/openbao
6
https://github.com/pallets/jinja
6
https://github.com/zenml-io/zenml
6
https://github.com/yiisoft/yii2
6
https://github.com/spatie/browsershot
6
https://github.com/dompdf/dompdf
6
https://github.com/panva/jose
6
https://github.com/FlowiseAI/Flowise
6
https://github.com/cri-o/cri-o
6
https://github.com/wagtail/wagtail
6
https://github.com/giampaolo/pyftpdlib
6
https://github.com/psf/requests
6
https://github.com/tecnickcom/TCPDF
6
https://github.com/jenkinsci/config-file-provider-plugin
6
https://github.com/jenkinsci/configuration-as-code-plugin
6
https://github.com/pimcore/customer-data-framework
6
https://github.com/jquery/jquery-ui
6
https://github.com/matrix-org/matrix-js-sdk
6
https://github.com/louislam/uptime-kuma
6
https://github.com/jenkinsci/subversion-plugin
6
https://github.com/owen2345/camaleon-cms
6