Browse Security Advisories
Moderate Security Advisories for symfony/symfony Clear Filters
Moderate
about 7 years ago
Bypassing Sanitization using DOM clobbering in html-janitor
npm
html-janitor
Moderate
about 7 years ago
Cross-site scripting in Products.CMFPlone and Products.PasswordResetTool
pypi
Products.CMFPlone
Moderate
about 7 years ago
Moderate severity vulnerability that affects Products.PlonePAS
pypi
Products.PlonePAS
Moderate
about 7 years ago
Ciborg gem for Ruby allows local users to write files and gain privileges via Symlink
rubygems
ciborg
Moderate
about 7 years ago
Cross-site Scripting (XSS) - Stored in crud-file-server
npm
crud-file-server
Moderate
about 7 years ago
python-fedora vulnerable to an open redirect resulting in loss of CSRF protection
pypi
python-fedora
Moderate
over 7 years ago
Cross-Site Scripting in @ckeditor/ckeditor5-link
npm
@ckeditor/ckeditor5-link
Moderate
over 7 years ago
rails-html-sanitizer Cross-site Scripting vulnerability
rubygems
rails-html-sanitizer
Moderate
over 7 years ago
Doorkeeper is vulnerable to stored XSS and code execution
rubygems
doorkeeper
Moderate
over 7 years ago
http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
rubygems
http
Moderate
over 7 years ago
rack-protection gem timing attack vulnerability when validating CSRF token
rubygems
rack-protection
Moderate
over 7 years ago
Insight API transaction broadcast endpoint can result in Full Path Disclosure
npm
insight-api
Moderate
over 7 years ago
delayed_job_web Cross-site Scripting vulnerability
rubygems
delayed_job_web
Moderate
over 7 years ago
Cross-Site Scripting (XSS) in jquery
maven, rubygems, npm, nuget
org.webjars.npm:jquery, jquery-rails, jquery, jQuery
Moderate
almost 8 years ago
private_address_check vulnerable to bypass of Resolv.getaddresses method
rubygems
private_address_check
Moderate
almost 8 years ago
cairo is vulnerable to denial of service due to a null pointer dereference
rubygems
cairo
Moderate
almost 8 years ago
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request
rubygems
actionpack
Moderate
almost 8 years ago
rails Cross-site Scripting vulnerability
rubygems
activesupport, actionpack
Moderate
almost 8 years ago
Cross-site Scripting in jquery-ui
rubygems, nuget, maven, npm
jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Moderate
almost 8 years ago
Action Pack contains database-query restrictions bypass
rubygems
actionpack
Moderate
almost 8 years ago
Rails actionpack gem vulnerable to Cross-site Scripting
rubygems
actionpack
Moderate
almost 8 years ago
actionpack and activesupport vulnerable to information leaks
rubygems
activesupport, actionpack
Moderate
almost 8 years ago
session fixation protection mechanism in cgi_process.rb in Rails
rubygems
rails
Moderate
almost 8 years ago
Cross site scripting that affects rails
rubygems
activesupport, actionpack
Moderate
almost 8 years ago
Cross-site Scripting vulnerability in i18n translations helper method
rubygems
actionpack
Moderate
almost 8 years ago
Rails activerecord gem has Improper Input Validation vulnerability
rubygems
activerecord
Moderate
almost 8 years ago
gtk2 vulnerable to Use of Externally-Controlled Format String
rubygems
gtk2
Moderate
almost 8 years ago
Active Record vulnerable to SQL Injection via nested query parameters
rubygems
activerecord
Moderate
almost 8 years ago
Active Record allows bypassing of database-query restrictions
rubygems
activerecord
Moderate
almost 8 years ago
Devise does not properly perform type conversion when performing database queries
rubygems
devise
Moderate
almost 8 years ago
jquery-ui Tooltip widget vulnerable to XSS
nuget, maven, rubygems, npm
jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Moderate
almost 8 years ago
ActiveRecord vulnerable to modification of protected model attributes
rubygems
activerecord
Moderate
almost 8 years ago
omniauth-oauth2 Cross-Site Request Forgery vulnerability
rubygems
omniauth-oauth2
Moderate
almost 8 years ago
Pupper does not properly restrict characters in Common Name field of Certificate Signing Request
rubygems
puppet
Filter by Severity
Filter by Ecosystem
maven
3,273
packagist
2,973
pypi
2,027
npm
1,379
go
1,301
nuget
433
cargo
422
rubygems
412
hex
16
swift
14
actions
8
pub
2
Filter by Package
moodle/moodle
306
tensorflow
200
tensorflow-cpu
188
tensorflow-gpu
181
magento/community-edition
150
org.jenkins-ci.main:jenkins-core
148
typo3/cms
123
com.liferay.portal:release.portal.bom
104
org.apache.tomcat:tomcat
95
pimcore/pimcore
87
github.com/mattermost/mattermost/server/v8
84
com.liferay.portal:release.dxp.bom
82
microweber/microweber
72
typo3/cms-core
71
silverstripe/framework
68
phpmyadmin/phpmyadmin
56
dolibarr/dolibarr
55
drupal/core
52
magento/project-community-edition
50
github.com/usememos/memos
50
thorsten/phpmyfaq
47
concrete5/concrete5
46
apache-superset
45
apache-airflow
44
actionpack
44
librenms/librenms
43
Django
42
drupal/drupal
40
showdoc/showdoc
34
Plone
34
picklescan
34
org.elasticsearch:elasticsearch
34
mantisbt/mantisbt
33
org.keycloak:keycloak-core
32
craftcms/cms
31
github.com/grafana/grafana
31
github.com/mattermost/mattermost-server/v6
30
nova
29
github.com/mattermost/mattermost-server
29
intelliants/subrion
27
mautic/core
27
snipe/snipe-it
27
moin
27
baserproject/basercms
26
ansible
25
k8s.io/kubernetes
25
shopware/platform
23
directus
23
symfony/symfony
22
nilsteampassnet/teampass
21
github.com/answerdev/answer
21
github.com/hashicorp/vault
21
org.keycloak:keycloak-services
21
org.apache.struts:struts2-core
20
mediawiki/core
20
gradio
20
grumpydictator/firefly-iii
20
froxlor/froxlor
20
matrix-synapse
19
shopware/shopware
19
plone
19
github.com/cilium/cilium
19
remdex/livehelperchat
18
github.com/docker/docker
18
DotNetNuke.Core
17
github.com/argoproj/argo-cd/v2
17
shopware/core
17
getkirby/cms
17
salt
17
zendframework/zendframework1
16
prestashop/prestashop
16
rdiffweb
16
django
16
rack
15
vyper
15
github.com/hashicorp/nomad
15
yetiforce/yetiforce-crm
15
org.apache.jspwiki:jspwiki-main
15
io.undertow:undertow-core
15
org.opencms:opencms-core
15
contao/core-bundle
15
glance
14
org.apache.tomcat.embed:tomcat-embed-core
14
github.com/hashicorp/consul
14
tinymce
14
org.xwiki.platform:xwiki-platform-oldcore
14
tribalsystems/zenario
13
com.jfinal:jfinal
13
github.com/openfga/openfga
13
com.thoughtworks.xstream:xstream
13
typo3/cms-backend
13
org.springframework.security:spring-security-core
13
keystone
13
nokogiri
13
puppet
13
forkcms/forkcms
13
github.com/goharbor/harbor
13
wallabag/wallabag
12
next
12
transformers
12
helm.sh/helm/v3
12
roundup
12
simplesamlphp/simplesamlphp
12
ec-cube/ec-cube
11
github.com/traefik/traefik/v2
11
@openzeppelin/contracts
11
@openzeppelin/contracts-upgradeable
11
genix/cms
11
TinyMCE
11
feehi/feehicms
11
lavalite/cms
11
activesupport
11
laravel/framework
11
github.com/ethereum/go-ethereum
11
github.com/containerd/containerd
11
org.bouncycastle:bcprov-jdk15on
11
org.eclipse.jetty:jetty-server
11
ghost
11
contao/contao
11
github.com/argoproj/argo-cd
11
getgrav/grav
11
tinymce/tinymce
11
ckeditor4
10
zendframework/zendframework
10
org.apache.nifi:nifi
10
notebook
10
org.apache.jspwiki:jspwiki-war
10
PaddlePaddle
10
com.vaadin:vaadin-bom
10
OctoPrint
10
github.com/greenpau/caddy-security
10
aiohttp
10
vite
10
fat_free_crm
10
joplin
10
surrealdb
10
org.keycloak:keycloak-parent
10
org.springframework:spring-core
10
com.liferay.portal:com.liferay.portal.impl
10
electron
10
vllm
10
opencart/opencart
10
bolt/bolt
10
org.apache.solr:solr-core
10
francoisjacquet/rosariosis
10
phpoffice/phpspreadsheet
9
github.com/rancher/rancher
9
cakephp/cakephp
9
publify_core
9
open-webui
9
silverstripe/cms
9
rubygems-update
9
org.jenkins-ci.plugins:git
9
urllib3
9
code.gitea.io/gitea
9
calibreweb
9
org.jenkins-ci.plugins:script-security
9
pimcore/admin-ui-classic-bundle
9
wasmtime
9
gogs.io/gogs
9
horizon
9
org.mortbay.jetty:jetty
9
org.igniterealtime.openfire:parent
9
sylius/sylius
9
pyftpdlib
9
org.apache.activemq:activemq-client
9
org.opencrx:opencrx-core-models
9
swagger-ui
9
angular
9
opencv-contrib-python
8
centreon/centreon
8
phpbb/phpbb
8
impresscms/impresscms
8
org.jenkins-ci.plugins:subversion
8
modoboa
8
editor.md
8
org.jenkins-ci.plugins:electricflow
8
onionshare-cli
8
phpmyfaq/phpmyfaq
8
alextselegidis/easyappointments
8
github.com/mattermost/mattermost-plugin-confluence
8
github.com/kubeedge/kubeedge
8
org.opensearch.plugin:opensearch-security
8
github.com/cri-o/cri-o
8
org.apache.archiva:archiva
8
mlflow
8
neutron
8
rails-html-sanitizer
8
pyload-ng
8
Microsoft.ChakraCore
8
org.apache.ranger:ranger
8
github.com/traefik/traefik/v3
8
org.webjars:bootstrap
8
org.bouncycastle:bcprov-jdk14
8
sulu/sulu
8
opencv-python
8
camaleon_cms
8
org.apache.tomcat:tomcat-coyote
8
activerecord
8
parse-server
8
Filter by Repository
https://github.com/tensorflow/tensorflow
200
https://github.com/moodle/moodle
186
https://github.com/liferay/liferay-portal
115
https://github.com/jenkinsci/jenkins
109
https://github.com/pimcore/pimcore
85
https://github.com/TYPO3/typo3
64
https://github.com/microweber/microweber
63
https://github.com/apache/tomcat
62
https://github.com/usememos/memos
50
https://github.com/silverstripe/silverstripe-framework
50
https://github.com/xwiki/xwiki-platform
50
https://github.com/django/django
50
https://github.com/rails/rails
46
https://github.com/thorsten/phpmyfaq
45
https://github.com/apache/airflow
43
https://github.com/keycloak/keycloak
42
https://github.com/kubernetes/kubernetes
40
https://github.com/librenms/librenms
40
https://github.com/mmaitre314/picklescan
34
https://github.com/star7th/showdoc
32
https://github.com/mantisbt/mantisbt
32
https://github.com/concretecms/concretecms
28
https://github.com/mautic/mautic
27
https://github.com/symfony/symfony
27
https://github.com/grafana/grafana
27
https://github.com/ansible/ansible
26
https://github.com/phpmyadmin/phpmyadmin
26
https://github.com/spring-projects/spring-framework
26
https://github.com/craftcms/cms
26
https://github.com/directus/directus
24
https://github.com/mattermost/mattermost
24
https://github.com/argoproj/argo-cd
24
https://github.com/umbraco/Umbraco-CMS
23
https://github.com/Dolibarr/dolibarr
22
https://github.com/answerdev/answer
21
https://github.com/shopware/shopware
21
https://github.com/firefly-iii/firefly-iii
20
https://github.com/magento/magento2
20
https://github.com/apache/activemq
20
https://github.com/snipe/snipe-it
20
https://github.com/plone/Products.CMFPlone
20
https://github.com/cilium/cilium
19
https://github.com/openstack/nova
18
https://github.com/contao/contao
18
https://github.com/livehelperchat/livehelperchat
18
https://github.com/apache/struts
17
https://github.com/shopware/platform
17
https://github.com/matrix-org/synapse
16
https://github.com/ikus060/rdiffweb
16
https://github.com/gradio-app/gradio
16
https://github.com/CVEProject/cvelist
15
https://github.com/vyperlang/vyper
15
https://github.com/getkirby/kirby
15
https://github.com/netty/netty
15
https://github.com/apache/cxf
15
https://github.com/TYPO3/TYPO3.CMS
14
https://github.com/geoserver/geoserver
14
https://github.com/baserproject/basercms
14
https://github.com/OpenNMS/opennms
14
https://github.com/yetiforcecompany/yetiforcecrm
14
https://github.com/x-stream/xstream
14
https://github.com/froxlor/froxlor
14
https://github.com/tinymce/tinymce
14
https://github.com/saltstack/salt
14
https://github.com/PaddlePaddle/Paddle
14
https://github.com/moby/moby
14
https://github.com/apache/nifi
13
https://github.com/openfga/openfga
13
https://github.com/goharbor/harbor
13
https://github.com/nilsteampassnet/TeamPass
13
https://github.com/PrestaShop/PrestaShop
13
https://github.com/octobercms/october
13
https://github.com/go-gitea/gitea
13
https://github.com/huggingface/transformers
12
https://github.com/helm/helm
12
https://github.com/rack/rack
12
https://github.com/bcgit/bc-java
12
https://github.com/traefik/traefik
12
https://github.com/containerd/containerd
12
https://github.com/TYPO3-CMS/core
12
https://github.com/laravel/framework
11
https://github.com/ckeditor/ckeditor4
11
https://github.com/surrealdb/surrealdb
11
https://github.com/intelliants/subrion
11
https://github.com/OpenZeppelin/openzeppelin-contracts
11
https://github.com/forkcms/forkcms
11
https://github.com/github/advisory-database
11
https://github.com/electron/electron
11
https://github.com/vaadin/platform
11
https://github.com/strapi/strapi
11
https://github.com/ethereum/go-ethereum
11
https://github.com/apache/zeppelin
11
https://github.com/openstack/keystone
11
https://github.com/backstage/backstage
10
https://github.com/TryGhost/Ghost
10
https://github.com/bytecodealliance/wasmtime
10
https://github.com/decidim/decidim
10
https://github.com/laurent22/joplin
10
https://github.com/liufee/cms
10
https://github.com/vercel/next.js
10
https://github.com/wallabag/wallabag
10
https://github.com/simplesamlphp/simplesamlphp
10
https://github.com/greenpau/caddy-security
10
https://github.com/vitejs/vite
10
https://github.com/aio-libs/aiohttp
10
https://github.com/hashicorp/consul
10
https://github.com/PHPOffice/PhpSpreadsheet
10
https://github.com/vllm-project/vllm
9
https://github.com/puppetlabs/puppet
9
https://github.com/dnnsoftware/Dnn.Platform
9
https://github.com/thorsten/phpMyFAQ
9
https://github.com/jenkinsci/git-plugin
9
https://github.com/dpgaspar/Flask-AppBuilder
9
https://github.com/rancher/rancher
9
https://github.com/urllib3/urllib3
9
https://github.com/pimcore/admin-ui-classic-bundle
9
https://github.com/publify/publify
9
https://github.com/alkacon/opencms-core
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/jquery/jquery
9
https://github.com/rubygems/rubygems
8
https://github.com/apache/superset
8
https://github.com/onionshare/onionshare
8
https://github.com/nilsteampassnet/teampass
8
https://github.com/modoboa/modoboa
8
https://github.com/sulu/sulu
8
https://github.com/sparklemotion/nokogiri
8
https://github.com/hashicorp/nomad
8
https://github.com/kubeedge/kubeedge
8
https://github.com/rails/rails-html-sanitizer
8
https://github.com/dotnet/runtime
8
https://github.com/pandao/editor.md
8
https://github.com/denoland/deno
8
https://github.com/LavaLite/cms
8
https://github.com/OctoPrint/OctoPrint
8
https://github.com/openstack/glance
8
https://github.com/getgrav/grav
8
https://github.com/eclipse/jetty.project
8
https://github.com/dolibarr/dolibarr
8
https://github.com/opensearch-project/security
8
https://github.com/zendframework/zendframework
8
https://github.com/pyload/pyload
8
https://github.com/parse-community/parse-server
8
https://github.com/swagger-api/swagger-ui
8
https://github.com/gogs/gogs
8
https://github.com/opencast/opencast
8
https://github.com/vaadin/flow
7
https://github.com/chakra-core/ChakraCore
7
https://github.com/google/fscrypt
7
https://github.com/dragonflyoss/dragonfly
7
https://github.com/containers/podman
7
https://github.com/OPCFoundation/UA-.NETStandard
7
https://github.com/croogo/croogo
7
https://github.com/nahsra/antisamy
7
https://github.com/modxcms/revolution
7
https://github.com/janeczku/calibre-web
7
https://github.com/jeecgboot/jeecg-boot
7
https://github.com/opencv/opencv
7
https://github.com/jupyter/notebook
7
https://github.com/twbs/bootstrap
7
https://github.com/igniterealtime/Openfire
7
https://github.com/opencontainers/runc
7
https://github.com/hashicorp/vault
7
https://github.com/n8n-io/n8n
7
https://github.com/matrix-org/matrix-rust-sdk
7
https://github.com/zitadel/zitadel
7
https://github.com/Leantime/leantime
7
https://github.com/vega/vega
7
https://github.com/Sylius/Sylius
7
https://github.com/python-pillow/Pillow
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/scrapy/scrapy
7
https://github.com/undertow-io/undertow
7
https://github.com/kevinpapst/kimai2
7
https://github.com/nocodb/nocodb
7
https://github.com/openstack/horizon
7
https://github.com/NodeBB/NodeBB
6
https://github.com/openbao/openbao
6
https://github.com/pallets/jinja
6
https://github.com/zenml-io/zenml
6
https://github.com/yiisoft/yii2
6
https://github.com/spatie/browsershot
6
https://github.com/dompdf/dompdf
6
https://github.com/panva/jose
6
https://github.com/FlowiseAI/Flowise
6
https://github.com/cri-o/cri-o
6
https://github.com/wagtail/wagtail
6
https://github.com/giampaolo/pyftpdlib
6
https://github.com/psf/requests
6
https://github.com/tecnickcom/TCPDF
6
https://github.com/jenkinsci/config-file-provider-plugin
6
https://github.com/jenkinsci/configuration-as-code-plugin
6
https://github.com/pimcore/customer-data-framework
6
https://github.com/jquery/jquery-ui
6
https://github.com/matrix-org/matrix-js-sdk
6
https://github.com/louislam/uptime-kuma
6
https://github.com/jenkinsci/subversion-plugin
6
https://github.com/owen2345/camaleon-cms
6