Browse Security Advisories
Security Advisories for https://github.com/pimcore/pimcore Clear Filters
Moderate
about 1 year ago
Pimcore Vulnerable to SQL Injection in getRelationFilterCondition
packagist
pimcore/pimcore
Moderate
over 1 year ago
pimcore/customer-data-framework vulnerable to SQL Injection
packagist
pimcore/customer-management-framework-bundle
High
over 1 year ago
Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document
packagist
pimcore/pimcore
High
over 1 year ago
Pimcore includes vulnerable PHPOffice/PhpSpreadsheet
packagist
pimcore/pimcore, pimcore/admin-ui-classic-bundle, pimcore/data-importer
Moderate
about 2 years ago
Pimcore TinyMCE Bundle - tinymce CVE-2024-29203, CVE-2024-29881
packagist
pimcore/pimcore
Moderate
about 2 years ago
Pimcore Preview Documents are not restricted to logged in users anymore
packagist
pimcore/pimcore
High
over 2 years ago
Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()
packagist
pimcore/pimcore
Moderate
over 2 years ago
Pimcore Cross-site Scripting (XSS) vulnerability in DataObject datetime fields
packagist
pimcore/pimcore
Moderate
almost 3 years ago
Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction
packagist
pimcore/pimcore
High
almost 3 years ago
Pimcore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
packagist
pimcore/pimcore
High
almost 3 years ago
Pimcore vulnerable to SQL Injection in Dataobjects sorting
packagist
pimcore/pimcore
Moderate
almost 3 years ago
Pimcore vulnerable to Pre-Auth Path Traversal in pimcore_log parameter
packagist
pimcore/pimcore
Moderate
almost 3 years ago
Pimcore Privilege Defined With Unsafe Actions vulnerability
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Cross-site Scripting (XSS) vulnerability in Admin Translations
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Cross-site Scripting (XSS) in Static Routes name field
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Cross-site Scripting (XSS) in name field of Custom Reports
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Cross-site Scripting (XSS) in Predefined Properties delete
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in DataObject columns grid
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in DataObject Any Getter grid operator
packagist
pimcore/pimcore
Moderate
about 3 years ago
Path Traversal in Asset "import from server" option
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in Conditions tab of Pricing Rules
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in DataObjects QuantityValue Unit Definition
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in pimcore via DataObject Class date fields
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in Ecommerce Pricing Rules name field
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in Document Properties Parameter
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in Website Settings name field
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in Admin Login too many attempts notice
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in DataObject Classification Store
packagist
pimcore/pimcore
Moderate
about 3 years ago
pimcore is vulnerable to cross-site scripting in Composite indices key field
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore vulnerable to Reflected XSS in Predefined Properties module in Settings
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Cross-site Scripting in Predefined Asset Metadata module in Settings
packagist
pimcore/pimcore
Moderate
about 3 years ago
pimcore is vulnerable to cross-site scripting in translate module
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore vulnerable to improper quoting of filters in Custom Reports
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore Remote Code Execution vulnerability in Search function
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore vulnerable to Cross-site Scripting (XSS) in Redirects
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore has Cross site Scripting vulnerability in Schedule tab of Documents
packagist
pimcore/pimcore
High
about 3 years ago
Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) in UrlSlug Data type
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross-site Scripting (XSS) - stored in Print Documents
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore vulnerable to Cross Site Scripting in Email Blacklist
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore vulnerable to Cross Site Scripting in image/video thumbnail config
packagist
pimcore/pimcore
Moderate
about 3 years ago
Pimcore vulnerable to Cross Site Scripting in Documents Link Editable
packagist
pimcore/pimcore
Moderate
about 3 years ago
Cross Site Scripting (XSS) in Model\DataObject\Data\UrlSlug
packagist
pimcore/pimcore
Moderate
over 3 years ago
Pimcore contains Unrestricted Upload of File with Dangerous Type
packagist
pimcore/pimcore
Moderate
over 3 years ago
pimcore is vulnerable to cross-site scripting via "title field " in data objects
packagist
pimcore/pimcore
Critical
over 3 years ago
RCE vulnerability in Pimcore/Mail & Dynamic Text Layout
packagist
pimcore/pimcore
Moderate
over 3 years ago
Pimcore vulnerable to stored stored Cross-site Scripting via`properties` when creating new users
packagist
pimcore/pimcore
High
almost 4 years ago
Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore
packagist
pimcore/pimcore
Moderate
almost 4 years ago
Pimcore Cross-site Scripting (XSS) vulnerability
packagist
pimcore/pimcore
High
almost 4 years ago
Pimcore Unrestricted Upload of File with Dangerous Type
packagist
pimcore/pimcore
High
almost 4 years ago
Pimcore Vulnerable to PHP Object Injection Attacks
packagist
pimcore/pimcore
Filter by Severity
Filter by Source
Filter by Ecosystem
maven
7,497
npm
6,272
packagist
6,247
pypi
5,865
go
4,260
nuget
3,123
cargo
1,511
rubygems
1,010
hex
80
actions
52
swift
44
pub
11
Filter by Package
openclaw
524
moodle/moodle
437
tensorflow
433
tensorflow-cpu
405
tensorflow-gpu
395
magento/community-edition
360
org.jenkins-ci.main:jenkins-core
251
Microsoft.ChakraCore
247
github.com/mattermost/mattermost/server/v8
181
typo3/cms
165
org.apache.tomcat:tomcat
152
com.liferay.portal:release.portal.bom
151
github.com/mattermost/mattermost-server
150
wwbn/avideo
138
pimcore/pimcore
126
dolibarr/dolibarr
124
com.liferay.portal:release.dxp.bom
124
magento/project-community-edition
119
apache-airflow
111
typo3/cms-core
108
phpmyadmin/phpmyadmin
107
parse-server
107
Django
107
microweber/microweber
105
drupal/core
103
craftcms/cms
102
Magick.NET-Q16-AnyCPU
101
librenms/librenms
99
thorsten/phpmyfaq
98
Magick.NET-Q16-HDRI-AnyCPU
97
Magick.NET-Q16-HDRI-x86
95
Magick.NET-Q16-HDRI-OpenMP-arm64
93
Magick.NET-Q16-HDRI-x64
93
Magick.NET-Q16-HDRI-arm64
92
Magick.NET-Q16-OpenMP-arm64
92
Magick.NET-Q16-OpenMP-x64
92
silverstripe/framework
90
Magick.NET-Q8-AnyCPU
90
Magick.NET-Q16-x86
89
Magick.NET-Q16-arm64
88
Magick.NET-Q8-x86
85
Magick.NET-Q8-arm64
84
Magick.NET-Q8-OpenMP-arm64
84
Magick.NET-Q16-x64
83
Magick.NET-Q8-OpenMP-x64
82
Magick.NET-Q8-x64
80
Magick.NET-Q16-HDRI-OpenMP-x64
76
org.keycloak:keycloak-services
75
concrete5/concrete5
75
github.com/usememos/memos
75
n8n
73
drupal/drupal
72
com.fasterxml.jackson.core:jackson-databind
69
mlflow
67
flowise
67
salt
67
getgrav/grav
66
apache-superset
66
mantisbt/mantisbt
65
shopware/platform
65
ansible
65
Magick.NET-Q16-OpenMP-x86
63
symfony/symfony
62
github.com/grafana/grafana
60
actionpack
59
open-webui
59
picklescan
59
org.apache.struts:struts2-core
59
github.com/rancher/rancher
58
directus
56
baserproject/basercms
56
shopware/core
55
next
55
github.com/hashicorp/vault
55
Plone
54
gogs.io/gogs
51
rack
50
org.keycloak:keycloak-core
50
org.apache.tomcat.embed:tomcat-embed-core
50
mautic/core
49
django
48
froxlor/froxlor
48
nokogiri
48
electron
47
nova
47
github.com/siyuan-note/siyuan/kernel
47
gradio
47
snipe/snipe-it
46
vllm
45
org.xwiki.platform:xwiki-platform-oldcore
45
org.elasticsearch:elasticsearch
44
coreutils
44
vyper
44
pyload-ng
43
rdiffweb
43
showdoc/showdoc
42
nilsteampassnet/teampass
42
matrix-synapse
42
k8s.io/kubernetes
42
intelliants/subrion
41
plone
41
admidio/admidio
40
github.com/traefik/traefik/v2
39
net.mingsoft:ms-mcms
39
io.undertow:undertow-core
39
github.com/mattermost/mattermost-server/v6
38
wasmtime
38
com.thoughtworks.xstream:xstream
37
com.jfinal:jfinal
36
DotNetNuke.Core
36
github.com/traefik/traefik/v3
36
github.com/argoproj/argo-cd/v2
36
keystone
35
github.com/cilium/cilium
35
moin
35
github.com/answerdev/answer
34
pillow
34
org.jenkins-ci.plugins:script-security
34
getkirby/cms
34
phpmyfaq/phpmyfaq
34
code.gitea.io/gitea
33
github.com/zitadel/zitadel
33
shopware/shopware
33
aiohttp
33
org.apache.tomcat:tomcat-catalina
33
code.vikunja.io/api
33
ci4-cms-erp/ci4ms
33
vm2
32
zendframework/zendframework1
32
github.com/hashicorp/nomad
32
github.com/hashicorp/consul
32
prestashop/prestashop
31
contao/core-bundle
31
statamic/cms
31
hono
31
opencv-contrib-python
31
opencv-python
31
github.com/docker/docker
31
github.com/argoproj/argo-cd
30
pocketmine/pocketmine-mp
30
org.springframework.security:spring-security-core
30
org.apache.solr:solr-core
29
mediawiki/core
28
PraisonAI
28
Pillow
28
org.opencms:opencms-core
27
github.com/filebrowser/filebrowser/v2
27
github.com/nats-io/nats-server/v2
27
centreon/centreon
27
phpoffice/phpspreadsheet
27
org.keycloak:keycloak-parent
26
github.com/ethereum/go-ethereum
26
funadmin/funadmin
26
openmage/magento-lts
26
surrealdb
26
deno
26
org.eclipse.jetty:jetty-server
26
rubygems-update
25
nocodb
25
openssl-src
25
@anthropic-ai/claude-code
25
org.apache.openmeetings:openmeetings-parent
25
cockpit-hq/cockpit
25
pypdf
24
axios
24
ghost
24
magento/core
24
grumpydictator/firefly-iii
24
org.xwiki.platform:xwiki-platform-web-templates
23
remdex/livehelperchat
23
github.com/openfga/openfga
23
puppet
23
activerecord
23
laravel/framework
23
langflow
23
github.com/goharbor/harbor
23
org.bouncycastle:bcprov-jdk14
23
undici
22
ckb
22
october/system
22
simplesamlphp/simplesamlphp
22
litellm
22
tribalsystems/zenario
22
zendframework/zendframework
22
typo3/cms-backend
22
@openzeppelin/contracts-upgradeable
21
weblate
21
org.cloudfoundry.identity:cloudfoundry-identity-server
21
org.apache.nifi:nifi
21
@openzeppelin/contracts
21
glance
21
helm.sh/helm/v3
21
feehi/cms
21
github.com/kyverno/kyverno
21
ethyca-fides
21
bagisto/bagisto
20
wagtail
20
facturascripts/facturascripts
20
aim
20
cryptography
20
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/moodle/moodle
250
https://github.com/xwiki/xwiki-platform
222
https://github.com/chakra-core/ChakraCore
214
https://github.com/jenkinsci/jenkins
178
https://github.com/liferay/liferay-portal
170
https://github.com/django/django
121
https://github.com/apache/tomcat
118
https://github.com/pimcore/pimcore
116
https://github.com/apache/airflow
105
https://github.com/TYPO3/typo3
93
https://github.com/microweber/microweber
90
https://github.com/keycloak/keycloak
90
https://github.com/librenms/librenms
77
https://github.com/FasterXML/jackson-databind
70
https://github.com/rails/rails
70
https://github.com/thorsten/phpmyfaq
69
https://github.com/silverstripe/silverstripe-framework
68
https://github.com/usememos/memos
68
https://github.com/kubernetes/kubernetes
66
https://github.com/symfony/symfony
64
https://github.com/Dolibarr/dolibarr
60
https://github.com/mattermost/mattermost
59
https://github.com/ansible/ansible
59
https://github.com/python-pillow/Pillow
52
https://github.com/spring-projects/spring-framework
51
https://github.com/argoproj/argo-cd
50
https://github.com/apache/struts
47
https://github.com/grafana/grafana
47
https://github.com/mautic/mautic
46
https://github.com/rancher/rancher
46
https://github.com/phpmyadmin/phpmyadmin
45
https://github.com/concretecms/concretecms
44
https://github.com/vyperlang/vyper
44
https://github.com/saltstack/salt
42
https://github.com/shopware/platform
42
https://github.com/mantisbt/mantisbt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/craftcms/cms
41
https://github.com/directus/directus
41
https://github.com/shopware/shopware
40
https://github.com/star7th/showdoc
39
https://github.com/mmaitre314/picklescan
39
https://github.com/dotnet/runtime
38
https://github.com/openstack/nova
38
https://github.com/gradio-app/gradio
38
https://github.com/magento/magento2
38
https://github.com/x-stream/xstream
37
https://github.com/plone/Products.CMFPlone
37
https://github.com/mlflow/mlflow
36
https://github.com/octobercms/october
36
https://github.com/sparklemotion/nokogiri
35
https://github.com/umbraco/Umbraco-CMS
35
https://github.com/answerdev/answer
34
https://github.com/apache/activemq
34
https://github.com/parse-community/parse-server
34
https://github.com/matrix-org/synapse
32
https://github.com/go-gitea/gitea
32
https://github.com/opencv/opencv
32
https://github.com/cilium/cilium
31
https://github.com/apache/inlong
31
https://github.com/PaddlePaddle/Paddle
31
https://github.com/contao/contao
30
https://github.com/snipe/snipe-it
30
https://github.com/rack/rack
29
https://github.com/electron/electron
28
https://github.com/gogs/gogs
28
https://github.com/FlowiseAI/Flowise
28
https://github.com/CVEProject/cvelist
28
https://github.com/openstack/keystone
28
https://github.com/strapi/strapi
28
https://github.com/netty/netty
27
https://github.com/geoserver/geoserver
26
https://github.com/zitadel/zitadel
26
https://github.com/github/advisory-database
26
https://github.com/froxlor/froxlor
26
https://github.com/baserproject/basercms
26
https://github.com/apache/nifi
26
https://github.com/pmmp/PocketMine-MP
25
https://github.com/bcgit/bc-java
25
https://github.com/vllm-project/vllm
25
https://github.com/vercel/next.js
25
https://github.com/denoland/deno
25
https://github.com/langchain-ai/langchain
25
https://github.com/surrealdb/surrealdb
25
https://github.com/traefik/traefik
25
https://github.com/pyload/pyload
24
https://github.com/getgrav/grav
24
https://github.com/hashicorp/consul
24
https://github.com/run-llama/llama_index
24
https://github.com/apache/cxf
24
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/eclipse/jetty.project
23
https://github.com/moby/moby
23
https://github.com/bytecodealliance/wasmtime
23
https://github.com/nilsteampassnet/TeamPass
23
https://github.com/firefly-iii/firefly-iii
23
https://github.com/PrestaShop/PrestaShop
23
https://github.com/dnnsoftware/Dnn.Platform
23
https://github.com/getkirby/kirby
22
https://github.com/PHPOffice/PhpSpreadsheet
22
https://github.com/jenkinsci/script-security-plugin
22
https://github.com/helm/helm
22
https://github.com/nervosnetwork/ckb
22
https://github.com/undertow-io/undertow
21
https://github.com/hashicorp/vault
21
https://github.com/goharbor/harbor
21
https://github.com/OpenZeppelin/openzeppelin-contracts
21
https://github.com/laravel/framework
21
https://github.com/OpenNMS/opennms
20
https://github.com/opencast/opencast
20
https://github.com/funadmin/funadmin
20
https://github.com/ethyca/fides
20
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/alkacon/opencms-core
19
https://github.com/containerd/containerd
19
https://github.com/huggingface/transformers
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/backstage/backstage
19
https://github.com/TYPO3-CMS/core
19
https://github.com/intelliants/subrion
19
https://github.com/simplesamlphp/simplesamlphp
19
https://github.com/cloudfoundry/uaa
19
https://github.com/opencontainers/runc
18
https://github.com/OpenMage/magento-lts
18
https://github.com/apache/camel
18
https://github.com/rubygems/rubygems
18
https://github.com/vaadin/platform
18
https://github.com/mindsdb/mindsdb
17
https://github.com/ethereum/go-ethereum
17
https://github.com/apache/kylin
17
https://github.com/liufee/cms
17
https://github.com/openfga/openfga
17
https://github.com/vantage6/vantage6
17
https://github.com/pyca/cryptography
16
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/dotnet/aspnetcore
16
https://github.com/etcd-io/etcd
16
https://github.com/tinymce/tinymce
16
https://github.com/hashicorp/nomad
16
https://github.com/forkcms/forkcms
16
https://github.com/rusqlite/rusqlite
16
https://github.com/sequelize/sequelize
16
https://github.com/quarkusio/quarkus
16
https://github.com/vitejs/vite
16
https://github.com/decidim/decidim
15
https://github.com/xuxueli/xxl-job
15
https://github.com/zendframework/zendframework
15
https://github.com/OPCFoundation/UA-.NETStandard
15
https://github.com/containers/podman
15
https://github.com/puppetlabs/puppet
15
https://github.com/centreon/centreon
15
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/ckeditor/ckeditor4
15
https://github.com/drupal/core
15
https://github.com/cobbler/cobbler
15
https://github.com/thorsten/phpMyFAQ
15
https://github.com/spring-projects/spring-security
15
https://github.com/dompdf/dompdf
15
https://github.com/aio-libs/aiohttp
15
https://github.com/nodejs/undici
15
https://github.com/PHPMailer/PHPMailer
15
https://github.com/pimcore/admin-ui-classic-bundle
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/TryGhost/Ghost
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/Graylog2/graylog2-server
14
https://github.com/publify/publify
14
https://github.com/twisted/twisted
14
https://github.com/ming-soft/MCMS
14
https://github.com/golang/go
14
https://github.com/apache/zeppelin
14
https://github.com/cockpit-hq/cockpit
14
https://github.com/apache/superset
14
https://github.com/cosmos/cosmos-sdk
14
https://github.com/ImageMagick/ImageMagick
14
https://github.com/urllib3/urllib3
14
https://github.com/rails/rails-html-sanitizer
14
https://github.com/janeczku/calibre-web
14
https://github.com/h2oai/h2o-3
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/1Panel-dev/1Panel
13
https://github.com/erlang/otp
13
https://github.com/zenml-io/zenml
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/dromara/hutool
13
https://github.com/openbao/openbao
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/laurent22/joplin
13
https://github.com/apache/dolphinscheduler
13
https://github.com/modoboa/modoboa
13
https://github.com/NodeBB/NodeBB
12
https://github.com/igniterealtime/Openfire
12
https://github.com/openstack/glance
12
https://github.com/getsentry/sentry
12
https://github.com/n8n-io/n8n
12
https://github.com/YesWiki/yeswiki
12
https://github.com/smarty-php/smarty
12