Browse Security Advisories
Moderate Security Advisories for https://github.com/umbraco/Umbraco-CMS Clear Filters
Moderate
3 months ago
Umbraco Delivery API allows for cached requests to be returned with an invalid API key
nuget
Umbraco.Cms.Api.Delivery
Moderate
5 months ago
Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads
nuget
Umbraco.Cms
Moderate
5 months ago
Umbraco Makes User Enumeration Feasible Based on Timing of Login Response
nuget
Umbraco.Cms
Moderate
7 months ago
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content
nuget
Umbraco.Cms.Web.Backoffice
Moderate
7 months ago
Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality
nuget
Umbraco.Cms.Api.Management
Moderate
9 months ago
Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes
nuget
Umbraco.Cms
Moderate
9 months ago
XSS/HTML Injection Vulnerability in Umbraco Backoffice Components
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
12 months ago
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out
nuget
Umbraco.CMS
Moderate
12 months ago
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
nuget
Umbraco.Cms, UmbracoCms
Moderate
12 months ago
Umbraco CMS logout page displayed before session expiration
nuget
UmbracoCMS, Umbraco.CMS
Moderate
12 months ago
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
about 1 year ago
Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
nuget
Umbraco.Cms.Api.Management
Moderate
over 1 year ago
Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
nuget
UmbracoCms.Core
Moderate
over 1 year ago
Umbraco CMS Open Redirect Bypass Protection
nuget
Umbraco.Cms.Web.BackOffice, UmbracoCms.Core
Moderate
over 1 year ago
Blind SSRF Leads to Port Scan by using Webhooks
nuget
Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Core
Filter by Severity
Filter by Ecosystem
maven
3,280
packagist
2,976
pypi
2,043
npm
1,396
go
1,309
nuget
540
rubygems
419
cargo
395
hex
16
swift
11
actions
8
pub
2
Filter by Package
moodle/moodle
306
tensorflow
199
tensorflow-cpu
190
tensorflow-gpu
183
magento/community-edition
151
org.jenkins-ci.main:jenkins-core
148
typo3/cms
117
com.liferay.portal:release.portal.bom
108
org.apache.tomcat:tomcat
91
pimcore/pimcore
87
github.com/mattermost/mattermost/server/v8
83
com.liferay.portal:release.dxp.bom
80
typo3/cms-core
73
microweber/microweber
72
silverstripe/framework
67
phpmyadmin/phpmyadmin
56
dolibarr/dolibarr
55
drupal/core
51
github.com/usememos/memos
50
magento/project-community-edition
48
thorsten/phpmyfaq
47
concrete5/concrete5
46
apache-superset
45
actionpack
45
librenms/librenms
45
apache-airflow
44
Django
39
drupal/drupal
38
Plone
35
org.elasticsearch:elasticsearch
35
showdoc/showdoc
34
picklescan
34
mantisbt/mantisbt
33
org.keycloak:keycloak-core
32
github.com/mattermost/mattermost-server
31
craftcms/cms
31
github.com/grafana/grafana
31
symfony/symfony
31
github.com/mattermost/mattermost-server/v6
30
nova
29
snipe/snipe-it
27
intelliants/subrion
27
moin
27
mautic/core
27
baserproject/basercms
26
ansible
25
k8s.io/kubernetes
24
directus
23
shopware/platform
23
github.com/hashicorp/vault
21
nilsteampassnet/teampass
21
github.com/answerdev/answer
21
org.keycloak:keycloak-services
21
froxlor/froxlor
20
gradio
20
grumpydictator/firefly-iii
20
mediawiki/core
20
matrix-synapse
20
github.com/cilium/cilium
19
shopware/shopware
19
django
19
org.apache.struts:struts2-core
19
remdex/livehelperchat
18
plone
18
contao/core-bundle
17
getkirby/cms
17
salt
17
shopware/core
17
github.com/argoproj/argo-cd/v2
17
DotNetNuke.Core
17
rack
16
zendframework/zendframework1
16
rdiffweb
16
github.com/docker/docker
16
prestashop/prestashop
16
org.apache.jspwiki:jspwiki-main
15
io.undertow:undertow-core
15
org.opencms:opencms-core
15
yetiforce/yetiforce-crm
15
vyper
15
github.com/hashicorp/nomad
15
tinymce
14
puppet
14
glance
14
github.com/hashicorp/consul
14
org.apache.tomcat.embed:tomcat-embed-core
14
org.xwiki.platform:xwiki-platform-oldcore
14
nokogiri
13
com.thoughtworks.xstream:xstream
13
github.com/openfga/openfga
13
com.jfinal:jfinal
13
github.com/goharbor/harbor
13
forkcms/forkcms
13
tribalsystems/zenario
13
keystone
13
typo3/cms-backend
13
wallabag/wallabag
12
next
12
simplesamlphp/simplesamlphp
12
roundup
12
helm.sh/helm/v3
12
transformers
12
org.springframework.security:spring-security-core
12
@openzeppelin/contracts-upgradeable
11
@openzeppelin/contracts
11
tinymce/tinymce
11
github.com/containerd/containerd
11
activesupport
11
github.com/traefik/traefik/v2
11
lavalite/cms
11
ec-cube/ec-cube
11
github.com/argoproj/argo-cd
11
org.eclipse.jetty:jetty-server
11
getgrav/grav
11
TinyMCE
11
ghost
11
feehi/feehicms
11
vllm
11
genix/cms
11
aiohttp
10
com.vaadin:vaadin-bom
10
francoisjacquet/rosariosis
10
org.apache.jspwiki:jspwiki-war
10
silverstripe/cms
10
opencart/opencart
10
fat_free_crm
10
github.com/ethereum/go-ethereum
10
notebook
10
ckeditor4
10
org.apache.nifi:nifi
10
zendframework/zendframework
10
electron
10
PaddlePaddle
10
joplin
10
surrealdb
10
org.keycloak:keycloak-parent
10
github.com/greenpau/caddy-security
10
OctoPrint
10
bolt/bolt
10
org.apache.solr:solr-core
10
vite
10
org.springframework:spring-core
10
laravel/framework
10
bootstrap
10
com.liferay.portal:com.liferay.portal.impl
10
org.opencrx:opencrx-core-models
9
pimcore/admin-ui-classic-bundle
9
org.apache.activemq:activemq-client
9
calibreweb
9
open-webui
9
gogs.io/gogs
9
org.apache.tomcat:tomcat-coyote
9
horizon
9
org.jenkins-ci.plugins:script-security
9
publify_core
9
contao/contao
9
rubygems-update
9
cakephp/cakephp
9
org.mortbay.jetty:jetty
9
wasmtime
9
org.jenkins-ci.plugins:git
9
org.bouncycastle:bcprov-jdk14
9
angular
9
code.gitea.io/gitea
9
org.igniterealtime.openfire:parent
9
github.com/rancher/rancher
9
urllib3
9
pyftpdlib
9
neutron
8
phpbb/phpbb
8
org.jenkins-ci.plugins:electricflow
8
sulu/sulu
8
opencv-contrib-python
8
sylius/sylius
8
org.opensearch.plugin:opensearch-security
8
org.jenkins-ci.plugins:subversion
8
org.apache.ranger:ranger
8
bagisto/bagisto
8
rails-html-sanitizer
8
validator
8
activerecord
8
github.com/mattermost/mattermost-plugin-confluence
8
impresscms/impresscms
8
editor.md
8
org.apache.archiva:archiva
8
phpoffice/phpspreadsheet
8
flowise
8
github.com/kubeedge/kubeedge
8
pyload-ng
8
onionshare-cli
8
centreon/centreon
8
github.com/cri-o/cri-o
8
mlflow
8
opencv-python
8
Microsoft.ChakraCore
8
parse-server
8
camaleon_cms
8
alextselegidis/easyappointments
8
modoboa
8
org.apache.tomcat:tomcat-catalina
8
Filter by Repository
https://github.com/tensorflow/tensorflow
200
https://github.com/moodle/moodle
186
https://github.com/liferay/liferay-portal
131
https://github.com/jenkinsci/jenkins
109
https://github.com/pimcore/pimcore
85
https://github.com/TYPO3/typo3
64
https://github.com/microweber/microweber
63
https://github.com/apache/tomcat
62
https://github.com/django/django
50
https://github.com/usememos/memos
50
https://github.com/xwiki/xwiki-platform
50
https://github.com/silverstripe/silverstripe-framework
50
https://github.com/rails/rails
46
https://github.com/thorsten/phpmyfaq
45
https://github.com/apache/airflow
43
https://github.com/keycloak/keycloak
43
https://github.com/librenms/librenms
42
https://github.com/kubernetes/kubernetes
40
https://github.com/mmaitre314/picklescan
34
https://github.com/star7th/showdoc
32
https://github.com/mantisbt/mantisbt
32
https://github.com/concretecms/concretecms
28
https://github.com/grafana/grafana
27
https://github.com/mautic/mautic
27
https://github.com/symfony/symfony
27
https://github.com/mattermost/mattermost
26
https://github.com/ansible/ansible
26
https://github.com/phpmyadmin/phpmyadmin
26
https://github.com/spring-projects/spring-framework
26
https://github.com/craftcms/cms
26
https://github.com/argoproj/argo-cd
24
https://github.com/directus/directus
24
https://github.com/umbraco/Umbraco-CMS
23
https://github.com/Dolibarr/dolibarr
22
https://github.com/answerdev/answer
21
https://github.com/shopware/shopware
21
https://github.com/plone/Products.CMFPlone
20
https://github.com/magento/magento2
20
https://github.com/apache/activemq
20
https://github.com/snipe/snipe-it
20
https://github.com/firefly-iii/firefly-iii
20
https://github.com/cilium/cilium
19
https://github.com/livehelperchat/livehelperchat
18
https://github.com/contao/contao
18
https://github.com/openstack/nova
18
https://github.com/shopware/platform
17
https://github.com/apache/struts
17
https://github.com/ikus060/rdiffweb
16
https://github.com/matrix-org/synapse
16
https://github.com/gradio-app/gradio
16
https://github.com/vyperlang/vyper
15
https://github.com/getkirby/kirby
15
https://github.com/apache/cxf
15
https://github.com/CVEProject/cvelist
15
https://github.com/netty/netty
15
https://github.com/x-stream/xstream
14
https://github.com/saltstack/salt
14
https://github.com/TYPO3/TYPO3.CMS
14
https://github.com/yetiforcecompany/yetiforcecrm
14
https://github.com/geoserver/geoserver
14
https://github.com/froxlor/froxlor
14
https://github.com/baserproject/basercms
14
https://github.com/PaddlePaddle/Paddle
14
https://github.com/tinymce/tinymce
14
https://github.com/moby/moby
14
https://github.com/OpenNMS/opennms
14
https://github.com/strapi/strapi
14
https://github.com/goharbor/harbor
13
https://github.com/apache/nifi
13
https://github.com/openfga/openfga
13
https://github.com/rack/rack
13
https://github.com/go-gitea/gitea
13
https://github.com/nilsteampassnet/TeamPass
13
https://github.com/PrestaShop/PrestaShop
13
https://github.com/octobercms/october
13
https://github.com/containerd/containerd
12
https://github.com/huggingface/transformers
12
https://github.com/TYPO3-CMS/core
12
https://github.com/helm/helm
12
https://github.com/bcgit/bc-java
12
https://github.com/traefik/traefik
12
https://github.com/ethereum/go-ethereum
11
https://github.com/forkcms/forkcms
11
https://github.com/electron/electron
11
https://github.com/ckeditor/ckeditor4
11
https://github.com/intelliants/subrion
11
https://github.com/apache/zeppelin
11
https://github.com/surrealdb/surrealdb
11
https://github.com/OpenZeppelin/openzeppelin-contracts
11
https://github.com/vaadin/platform
11
https://github.com/openstack/keystone
11
https://github.com/laravel/framework
11
https://github.com/github/advisory-database
11
https://github.com/wallabag/wallabag
10
https://github.com/backstage/backstage
10
https://github.com/decidim/decidim
10
https://github.com/vercel/next.js
10
https://github.com/vllm-project/vllm
10
https://github.com/vitejs/vite
10
https://github.com/aio-libs/aiohttp
10
https://github.com/bytecodealliance/wasmtime
10
https://github.com/laurent22/joplin
10
https://github.com/TryGhost/Ghost
10
https://github.com/greenpau/caddy-security
10
https://github.com/hashicorp/consul
10
https://github.com/PHPOffice/PhpSpreadsheet
10
https://github.com/liufee/cms
10
https://github.com/simplesamlphp/simplesamlphp
10
https://github.com/dotnet/runtime
9
https://github.com/urllib3/urllib3
9
https://github.com/jenkinsci/git-plugin
9
https://github.com/pimcore/admin-ui-classic-bundle
9
https://github.com/alkacon/opencms-core
9
https://github.com/thorsten/phpMyFAQ
9
https://github.com/publify/publify
9
https://github.com/dnnsoftware/Dnn.Platform
9
https://github.com/opencast/opencast
9
https://github.com/jquery/jquery
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/puppetlabs/puppet
9
https://github.com/rancher/rancher
9
https://github.com/dpgaspar/Flask-AppBuilder
9
https://github.com/getgrav/grav
8
https://github.com/parse-community/parse-server
8
https://github.com/rubygems/rubygems
8
https://github.com/gogs/gogs
8
https://github.com/eclipse/jetty.project
8
https://github.com/nilsteampassnet/teampass
8
https://github.com/openstack/glance
8
https://github.com/apache/superset
8
https://github.com/swagger-api/swagger-ui
8
https://github.com/onionshare/onionshare
8
https://github.com/modoboa/modoboa
8
https://github.com/hashicorp/nomad
8
https://github.com/sulu/sulu
8
https://github.com/denoland/deno
8
https://github.com/dolibarr/dolibarr
8
https://github.com/kubeedge/kubeedge
8
https://github.com/pyload/pyload
8
https://github.com/LavaLite/cms
8
https://github.com/FlowiseAI/Flowise
8
https://github.com/zendframework/zendframework
8
https://github.com/opensearch-project/security
8
https://github.com/sparklemotion/nokogiri
8
https://github.com/OctoPrint/OctoPrint
8
https://github.com/pandao/editor.md
8
https://github.com/rails/rails-html-sanitizer
8
https://github.com/kevinpapst/kimai2
7
https://github.com/google/fscrypt
7
https://github.com/opencv/opencv
7
https://github.com/matrix-org/matrix-rust-sdk
7
https://github.com/hashicorp/vault
7
https://github.com/openstack/horizon
7
https://github.com/janeczku/calibre-web
7
https://github.com/croogo/croogo
7
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/OPCFoundation/UA-.NETStandard
7
https://github.com/nocodb/nocodb
7
https://github.com/zitadel/zitadel
7
https://github.com/python-pillow/Pillow
7
https://github.com/vega/vega
7
https://github.com/jupyter/notebook
7
https://github.com/containers/podman
7
https://github.com/chakra-core/ChakraCore
7
https://github.com/vaadin/flow
7
https://github.com/scrapy/scrapy
7
https://github.com/jeecgboot/jeecg-boot
7
https://github.com/twbs/bootstrap
7
https://github.com/Leantime/leantime
7
https://github.com/Sylius/Sylius
7
https://github.com/nahsra/antisamy
7
https://github.com/igniterealtime/Openfire
7
https://github.com/zenml-io/zenml
7
https://github.com/dragonflyoss/dragonfly
7
https://github.com/modxcms/revolution
7
https://github.com/opencontainers/runc
7
https://github.com/bagisto/bagisto
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/n8n-io/n8n
7
https://github.com/undertow-io/undertow
7
https://github.com/elastic/elasticsearch
7
https://github.com/yiisoft/yii2
6
https://github.com/stacklok/minder
6
https://github.com/jenkinsci/script-security-plugin
6
https://github.com/dompdf/dompdf
6
https://github.com/louislam/uptime-kuma
6
https://github.com/d4wner/Vulnerabilities-Report
6
https://github.com/lxml/lxml
6
https://github.com/pomerium/pomerium
6
https://github.com/cui2shark/security
6
https://github.com/vantage6/vantage6
6
https://github.com/quarkusio/quarkus
6
https://github.com/cri-o/cri-o
6
https://github.com/tecnickcom/TCPDF
6
https://github.com/ckan/ckan
6
https://github.com/jenkinsci/config-file-provider-plugin
6
https://github.com/panva/jose
6
https://github.com/pmmp/PocketMine-MP
6
https://github.com/openbao/openbao
6