Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Moderate Security Advisories for https://github.com/shopware/platform from github Clear Filters

Moderate
over 3 years ago

Shopware has Improper Input Validation issue in newsletter subscription GSA_kwCzR0hTQS00Nmg3LXZqN3gtZnhnMs4AAxG8

packagist shopware/core, shopware/platform
Moderate
over 3 years ago

Shopware vulnerable to Improper Input Validation of Clearance sale in cart GSA_kwCzR0hTQS04cjZoLW03MnYtMzhmZ84AAxBj

packagist shopware/core, shopware/platform
Moderate
over 4 years ago

Incorrect Authentication in shopware GSA_kwCzR0hTQS04M3ZwLTZqcWctNmNtcs0xMg

packagist shopware/core
Moderate
over 4 years ago

HTTP caching is marking private HTTP headers as public in Shopware GSA_kwCzR0hTQS02d3JoLTI3OWotNmh2d80xMQ

packagist shopware/storefront, shopware/core, shopware/platform
Moderate
over 4 years ago

HTML injection possibility in voucher code form in Shopware GSA_kwCzR0hTQS05NTJwLWZxY3AtZzhwY80xMA

packagist shopware/storefront, shopware/core, shopware/platform
Moderate
over 4 years ago

Shopware guest session is shared between customers GSA_kwCzR0hTQS1qcDZoLW14aHgtcGdxaM0xLg

packagist shopware/storefront, shopware/platform
Moderate
almost 5 years ago

Exposure of Sensitive Information to an Unauthorized Actor MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4djktM2pqcS1ydnA0

packagist shopware/platform
Moderate
almost 5 years ago

Insecure direct object reference of log files of the Import/Export feature MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0Z3AtcWZmOC05NDZj

packagist shopware/core, shopware/platform
Moderate
almost 5 years ago

Manipulation of product reviews via API MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlmOGYtNTc0cS04am1m

packagist shopware/core, shopware/platform
Moderate
almost 5 years ago

Missing Authentication for Critical Function MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2OTYtZ2Y1OC05dzk3

packagist shopware/platform
Moderate
almost 5 years ago

non-admin users can create integration role with administrator role MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0M3EtZzlqMy1xZjZy

packagist shopware/core, shopware/platform
Moderate
almost 5 years ago

Internal hidden fields are visible on to many associations in admin api MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwbWgtZzk0Zy1xcmhy

packagist shopware/core, shopware/platform
Moderate
almost 5 years ago

Canceling of orders not related to the logged-in user MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxM3ItandycS14ZzZ3

packagist shopware/platform
Moderate
about 5 years ago

Exposure of .env if project root is configured as web root in shopware/production MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwY3ItNDk4Mi01NDht

packagist shopware/shopware
Moderate
over 5 years ago

Authenticated remote code execution MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqajQtampnYy1oM3I4

packagist shopware/platform
Moderate
over 5 years ago

Authenticated XML External Entity Processing MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4djktcWNyOS13dzlq

packagist shopware/core, shopware/platform

Filter by Severity

Moderate 13,637 High 11,065 Critical 4,211 Low 2,226

Filter by Source

CPAN Security Advisory Database 890 Erlang Ecosystem Foundation 101 GitHub Advisory Database 31,914

Filter by Ecosystem

maven 3,586 packagist 3,555 pypi 2,588 npm 2,336 go 2,039 nuget 1,786 cargo 546 rubygems 475 hex 25 swift 20 actions 16 pub 3

Filter by Package

moodle/moodle 318 openclaw 277 tensorflow 200 magento/community-edition 193 tensorflow-cpu 189 tensorflow-gpu 185 org.jenkins-ci.main:jenkins-core 152 github.com/mattermost/mattermost/server/v8 126 typo3/cms 120 com.liferay.portal:release.portal.bom 113 github.com/mattermost/mattermost-server 110 org.apache.tomcat:tomcat 99 pimcore/pimcore 91 com.liferay.portal:release.dxp.bom 82 typo3/cms-core 78 Magick.NET-Q16-AnyCPU 76 Magick.NET-Q16-HDRI-AnyCPU 74 Magick.NET-Q16-HDRI-x86 72 microweber/microweber 72 Magick.NET-Q16-HDRI-OpenMP-arm64 71 Magick.NET-Q16-HDRI-x64 71 Magick.NET-Q16-HDRI-arm64 70 wwbn/avideo 70 Magick.NET-Q16-OpenMP-arm64 70 Magick.NET-Q16-OpenMP-x64 69 Magick.NET-Q8-AnyCPU 67 Magick.NET-Q16-arm64 67 silverstripe/framework 66 Magick.NET-Q16-x86 66 Magick.NET-Q8-OpenMP-arm64 65 Magick.NET-Q8-arm64 64 Magick.NET-Q8-x86 63 Magick.NET-Q16-x64 63 thorsten/phpmyfaq 62 Magick.NET-Q8-OpenMP-x64 62 apache-airflow 60 Magick.NET-Q8-x64 59 magento/project-community-edition 58 dolibarr/dolibarr 56 phpmyadmin/phpmyadmin 56 drupal/core 55 craftcms/cms 54 github.com/usememos/memos 54 librenms/librenms 53 Magick.NET-Q16-HDRI-OpenMP-x64 53 concrete5/concrete5 52 symfony/symfony 50 apache-superset 47 mantisbt/mantisbt 46 n8n 44 actionpack 44 Django 44 open-webui 44 org.keycloak:keycloak-services 40 Magick.NET-Q16-OpenMP-x86 40 nocodb 40 drupal/drupal 38 picklescan 37 parse-server 37 github.com/grafana/grafana 36 showdoc/showdoc 35 org.elasticsearch:elasticsearch 35 shopware/platform 34 directus 34 admidio/admidio 32 org.keycloak:keycloak-core 32 snipe/snipe-it 32 nova 30 getgrav/grav 30 hono 30 pypdf 29 plone 29 github.com/mattermost/mattermost-server/v6 29 baserproject/basercms 29 intelliants/subrion 28 shopware/core 28 getkirby/cms 28 moin 27 ansible 27 rack 26 mautic/core 26 vllm 25 coreutils 25 k8s.io/kubernetes 25 Plone 24 aiohttp 24 next 23 phpmyfaq/phpmyfaq 22 github.com/hashicorp/vault 22 froxlor/froxlor 22 github.com/cilium/cilium 22 grumpydictator/firefly-iii 22 code.vikunja.io/api 21 gradio 21 github.com/traefik/traefik/v2 21 github.com/answerdev/answer 21 matrix-synapse 21 wasmtime 21 code.gitea.io/gitea 21 DotNetNuke.Core 21 flowise 21 nilsteampassnet/teampass 21 mediawiki/core 20 django 20 shopware/shopware 20 github.com/openfga/openfga 20 github.com/traefik/traefik/v3 20 electron 19 org.apache.struts:struts2-core 19 gogs.io/gogs 18 dompurify 18 github.com/docker/docker 18 remdex/livehelperchat 18 org.apache.tomcat.embed:tomcat-embed-core 18 contao/core-bundle 18 pyload-ng 18 github.com/fleetdm/fleet/v4 17 github.com/argoproj/argo-cd/v2 17 org.opencms:opencms-core 17 salt 17 github.com/hashicorp/consul 17 prestashop/prestashop 17 typo3/cms-backend 16 github.com/hashicorp/nomad 16 io.undertow:undertow-core 16 nokogiri 16 rdiffweb 16 zendframework/zendframework1 16 statamic/cms 16 com.liferay.portal:com.liferay.portal.impl 15 org.apache.jspwiki:jspwiki-main 15 yetiforce/yetiforce-crm 15 github.com/siyuan-note/siyuan/kernel 15 org.xwiki.platform:xwiki-platform-oldcore 15 glance 15 vyper 15 puppet 14 activesupport 14 feehi/feehicms 14 org.springframework.security:spring-security-core 14 weblate 14 feehi/cms 14 axios 14 wagtail 14 github.com/goharbor/harbor 14 deno 14 tinymce 14 transformers 13 svelte 13 com.thoughtworks.xstream:xstream 13 com.jfinal:jfinal 13 vite 13 keystone 13 Umbraco.Cms 13 helm.sh/helm/v3 13 tribalsystems/zenario 13 ghost 13 forkcms/forkcms 13 github.com/zitadel/zitadel 13 sylius/sylius 13 github.com/argoproj/argo-cd 12 @openzeppelin/contracts-upgradeable 12 github.com/rancher/rancher 12 @openzeppelin/contracts 12 roundup 12 github.com/filebrowser/filebrowser/v2 12 simplesamlphp/simplesamlphp 12 github.com/containerd/containerd 12 phpoffice/phpspreadsheet 12 lavalite/cms 12 facturascripts/facturascripts 12 ec-cube/ec-cube 12 github.com/ethereum/go-ethereum 12 wallabag/wallabag 12 github.com/traefik/traefik 12 horizon 11 TinyMCE 11 org.eclipse.jetty:jetty-server 11 surrealdb 11 nicegui 11 kubevirt.io/kubevirt 11 laravel/framework 11 ci4-cms-erp/ci4ms 11 org.bouncycastle:bcprov-jdk15on 11 org.keycloak:keycloak-parent 11 undici 11 ckeditor4 11 genix/cms 11 tinymce/tinymce 11 astro 11 renovate 11 OctoPrint 11 ckan 11 craftcms/commerce 11 io.netty:netty-codec-http 11 mlflow 11 kimai/kimai 10 org.apache.jspwiki:jspwiki-war 10 github.com/openbao/openbao 10 sulu/sulu 10

Filter by Repository

https://github.com/tensorflow/tensorflow 200 https://github.com/moodle/moodle 192 https://github.com/liferay/liferay-portal 143 https://github.com/jenkinsci/jenkins 109 https://github.com/pimcore/pimcore 85 https://github.com/microweber/microweber 63 https://github.com/TYPO3/typo3 63 https://github.com/apache/tomcat 59 https://github.com/usememos/memos 50 https://github.com/django/django 50 https://github.com/silverstripe/silverstripe-framework 50 https://github.com/xwiki/xwiki-platform 50 https://github.com/rails/rails 46 https://github.com/keycloak/keycloak 45 https://github.com/thorsten/phpmyfaq 45 https://github.com/apache/airflow 44 https://github.com/librenms/librenms 42 https://github.com/kubernetes/kubernetes 40 https://github.com/mattermost/mattermost 36 https://github.com/mantisbt/mantisbt 35 https://github.com/mmaitre314/picklescan 34 https://github.com/star7th/showdoc 32 https://github.com/concretecms/concretecms 28 https://github.com/symfony/symfony 27 https://github.com/mautic/mautic 27 https://github.com/grafana/grafana 27 https://github.com/phpmyadmin/phpmyadmin 26 https://github.com/spring-projects/spring-framework 26 https://github.com/craftcms/cms 26 https://github.com/ansible/ansible 26 https://github.com/directus/directus 24 https://github.com/argoproj/argo-cd 24 https://github.com/shopware/shopware 24 https://github.com/umbraco/Umbraco-CMS 23 https://github.com/Dolibarr/dolibarr 22 https://github.com/answerdev/answer 21 https://github.com/apache/activemq 20 https://github.com/magento/magento2 20 https://github.com/plone/Products.CMFPlone 20 https://github.com/firefly-iii/firefly-iii 20 https://github.com/snipe/snipe-it 20 https://github.com/cilium/cilium 19 https://github.com/livehelperchat/livehelperchat 18 https://github.com/contao/contao 18 https://github.com/openstack/nova 18 https://github.com/apache/struts 17 https://github.com/gradio-app/gradio 16 https://github.com/shopware/platform 16 https://github.com/matrix-org/synapse 16 https://github.com/ikus060/rdiffweb 16 https://github.com/apache/cxf 15 https://github.com/getkirby/kirby 15 https://github.com/netty/netty 15 https://github.com/CVEProject/cvelist 15 https://github.com/vyperlang/vyper 15 https://github.com/saltstack/salt 14 https://github.com/x-stream/xstream 14 https://github.com/TYPO3/TYPO3.CMS 14 https://github.com/tinymce/tinymce 14 https://github.com/OpenNMS/opennms 14 https://github.com/PaddlePaddle/Paddle 14 https://github.com/froxlor/froxlor 14 https://github.com/baserproject/basercms 14 https://github.com/geoserver/geoserver 14 https://github.com/yetiforcecompany/yetiforcecrm 14 https://github.com/moby/moby 14 https://github.com/rack/rack 13 https://github.com/goharbor/harbor 13 https://github.com/octobercms/october 13 https://github.com/PrestaShop/PrestaShop 13 https://github.com/containerd/containerd 13 https://github.com/openfga/openfga 13 https://github.com/strapi/strapi 13 https://github.com/nilsteampassnet/TeamPass 13 https://github.com/go-gitea/gitea 13 https://github.com/bcgit/bc-java 13 https://github.com/apache/nifi 13 https://github.com/OpenZeppelin/openzeppelin-contracts 12 https://github.com/huggingface/transformers 12 https://github.com/traefik/traefik 12 https://github.com/helm/helm 12 https://github.com/TYPO3-CMS/core 12 https://github.com/openstack/keystone 12 https://github.com/hashicorp/consul 12 https://github.com/vitejs/vite 11 https://github.com/apache/zeppelin 11 https://github.com/intelliants/subrion 11 https://github.com/vaadin/platform 11 https://github.com/rancher/rancher 11 https://github.com/ethereum/go-ethereum 11 https://github.com/github/advisory-database 11 https://github.com/laravel/framework 11 https://github.com/forkcms/forkcms 11 https://github.com/surrealdb/surrealdb 11 https://github.com/dnnsoftware/Dnn.Platform 11 https://github.com/electron/electron 11 https://github.com/ckeditor/ckeditor4 11 https://github.com/wallabag/wallabag 10 https://github.com/vllm-project/vllm 10 https://github.com/greenpau/caddy-security 10 https://github.com/decidim/decidim 10 https://github.com/simplesamlphp/simplesamlphp 10 https://github.com/liufee/cms 10 https://github.com/TryGhost/Ghost 10 https://github.com/bytecodealliance/wasmtime 10 https://github.com/backstage/backstage 10 https://github.com/laurent22/joplin 10 https://github.com/aio-libs/aiohttp 10 https://github.com/PHPOffice/PhpSpreadsheet 10 https://github.com/vercel/next.js 10 https://github.com/thorsten/phpMyFAQ 9 https://github.com/sparklemotion/nokogiri 9 https://github.com/opencast/opencast 9 https://github.com/fatfreecrm/fat_free_crm 9 https://github.com/OctoPrint/OctoPrint 9 https://github.com/jquery/jquery 9 https://github.com/dotnet/runtime 9 https://github.com/puppetlabs/puppet 9 https://github.com/alkacon/opencms-core 9 https://github.com/jenkinsci/git-plugin 9 https://github.com/dpgaspar/Flask-AppBuilder 9 https://github.com/pimcore/admin-ui-classic-bundle 9 https://github.com/urllib3/urllib3 9 https://github.com/publify/publify 9 https://github.com/sulu/sulu 8 https://github.com/kubeedge/kubeedge 8 https://github.com/gogs/gogs 8 https://github.com/ckan/ckan 8 https://github.com/dolibarr/dolibarr 8 https://github.com/LavaLite/cms 8 https://github.com/pandao/editor.md 8 https://github.com/onionshare/onionshare 8 https://github.com/eclipse/jetty.project 8 https://github.com/getgrav/grav 8 https://github.com/opensearch-project/security 8 https://github.com/hashicorp/nomad 8 https://github.com/zendframework/zendframework 8 https://github.com/modoboa/modoboa 8 https://github.com/pyload/pyload 8 https://github.com/nilsteampassnet/teampass 8 https://github.com/rubygems/rubygems 8 https://github.com/openbao/openbao 8 https://github.com/apache/superset 8 https://github.com/parse-community/parse-server 8 https://github.com/rails/rails-html-sanitizer 8 https://github.com/swagger-api/swagger-ui 8 https://github.com/FlowiseAI/Flowise 8 https://github.com/openstack/glance 8 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/matrix-org/matrix-rust-sdk 7 https://github.com/igniterealtime/Openfire 7 https://github.com/denoland/deno 7 https://github.com/Leantime/leantime 7 https://github.com/nocodb/nocodb 7 https://github.com/vega/vega 7 https://github.com/modxcms/revolution 7 https://github.com/treeverse/lakeFS 7 https://github.com/vaadin/flow 7 https://github.com/python-pillow/Pillow 7 https://github.com/openstack/horizon 7 https://github.com/zenml-io/zenml 7 https://github.com/chakra-core/ChakraCore 7 https://github.com/croogo/croogo 7 https://github.com/opencv/opencv 7 https://github.com/twbs/bootstrap 7 https://github.com/OPCFoundation/UA-.NETStandard 7 https://github.com/Sylius/Sylius 7 https://github.com/StarCitizenTools/mediawiki-skins-Citizen 7 https://github.com/jupyter/notebook 7 https://github.com/zitadel/zitadel 7 https://github.com/MobSF/Mobile-Security-Framework-MobSF 7 https://github.com/containers/podman 7 https://github.com/louislam/uptime-kuma 7 https://github.com/kevinpapst/kimai2 7 https://github.com/bagisto/bagisto 7 https://github.com/undertow-io/undertow 7 https://github.com/py-pdf/pypdf 7 https://github.com/hashicorp/vault 7 https://github.com/scrapy/scrapy 7 https://github.com/google/fscrypt 7 https://github.com/jeecgboot/jeecg-boot 7 https://github.com/opencontainers/runc 7 https://github.com/nahsra/antisamy 7 https://github.com/dragonflyoss/dragonfly 7 https://github.com/n8n-io/n8n 7 https://github.com/janeczku/calibre-web 7 https://github.com/kubevirt/kubevirt 7 https://github.com/jenkinsci/subversion-plugin 6 https://github.com/matrix-org/matrix-js-sdk 6 https://github.com/cui2shark/security 6 https://github.com/run-llama/llama_index 6 https://github.com/pallets/jinja 6 https://github.com/quarkusio/quarkus 6 https://github.com/sfackler/rust-openssl 6 https://github.com/jenkinsci/script-security-plugin 6 https://github.com/owen2345/camaleon-cms 6 https://github.com/withastro/astro 6 https://github.com/pmmp/PocketMine-MP 6 https://github.com/pimcore/customer-data-framework 6