Vulnerability Database

Total number of vulnerabilities in the DB: 296,733

ractf / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2020-15235	High		Oct 5, 2020	<= 41edf92

mobileiron / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2020-15505	Critical		Jul 7, 2020	>= 10.6.0.0 < 10.6.0.1 >= 10.5.2.0 < 10.5.2.1 >= 10.4.0.0 < 10.4.0.4 < 10.3.0.4 >= 10.5.1.0 < 10.5.1.1
CVE-2020-15506	Critical		Jul 7, 2020	<= 10.6
CVE-2020-15507	High		Jul 7, 2020	<= 10.6

formtools / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2021-38143	Medium		Aug 31, 2021	<= 3.0.20
CVE-2021-38144	Medium		Aug 31, 2021	<= 3.0.20
CVE-2021-38145	Critical		Aug 31, 2021	<= 3.0.20

onlyoffice / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2022-29776	Critical		Jun 2, 2022	<= 6.1.0.26
CVE-2022-29777	Critical		Jun 2, 2022	<= 6.1.0.26

@nestjs / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2023-26108	Medium		Mar 6, 2023	< 9.0.5

drupal / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-3057	Medium		Apr 1, 2025	>= 8.0.0 < 10.3.13 >= 10.4.0 < 10.4.3 >= 11.0.0 < 11.0.12 >= 11.1.0 < 11.1.3
CVE-2025-31674	Medium		Apr 1, 2025	>= 8.0.0 < 10.3.13 >= 10.4.0 < 10.4.3 >= 11.0.0 < 11.0.12 >= 11.1.0 < 11.1.3
CVE-2025-31675	Low		Apr 1, 2025	>= 8.0.0 < 10.3.14 >= 10.4.0 < 10.4.5 >= 11.0.0 < 11.0.13 >= 11.1.0 < 11.1.5
CVE-2025-31673	Medium		Apr 1, 2025	>= 8.0.0 < 10.3.13 >= 10.4.0 < 10.4.3 >= 11.0.0 < 11.0.12 >= 11.1.0 < 11.1.3
Drupal core Cross-Site Scripting (XSS) vulnerabilities	Medium		May 15, 2024	>= 8.0.0 < 8.9.18 >= 9.1.0 < 9.1.12 >= 9.2.0 < 9.2.4
Drupal core Arbitrary PHP code execution	High		May 15, 2024	>= 7.0.0 < 7.75 >= 8.0.0 < 8.8.12 >= 8.9.0 < 8.9.10 >= 9.0.0 < 9.0.9
Drupal core Open Redirect vulnerability	Medium		May 15, 2024	>= 7.0.0 < 7.70
Drupal core uses a vulnerable Third-party library CKEditor	Medium		May 15, 2024	>= 8.0.0 < 8.7.12 >= 8.8.0 < 8.8.4
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar	High		May 15, 2024	>= 7.0.0 < 7.69 >= 8.0.0 < 8.7.11 >= 8.8.0 < 8.8.1
Drupal core Access bypass	Medium		May 15, 2024	>= 8.0.0 < 8.7.11 >= 8.8.0 < 8.8.1

‹
›

1
2
3
4
›

shopware / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
Shopware Customer Orders can be canceled, even if refunds are disabled	Medium		Oct 21, 2025	>= 6.7.0.0 < 6.7.3.1 < 6.6.10.7
Shopware exposes sensitive user information via CSV export mapping	Medium		Oct 21, 2025	>= 6.7.0.0 < 6.7.3.1 < 6.6.10.7
Shopware vulnerable to Server-Side Request Forgery (SSRF) – order invoice	Low		Oct 21, 2025	>= 6.7.0.0 < 6.7.3.1 < 6.6.10.7
Shopware vulnerable to path traversal via Plugin upload	Low		Oct 21, 2025	>= 6.7.0.0 < 6.7.3.1 < 6.6.10.7
Shopware vulnerable to MediaVisibilityRestrictionSubscriber bypass when reading media entities by aggregating fields individually	Medium		Oct 21, 2025	>= 6.7.0.0 < 6.7.3.1 < 6.6.10.7
Shopware: Reflective Cross Site-Scripting (XSS) in CMS components	High		Sep 10, 2025	>= 6.7.0.0 < 6.7.2.1
CVE-2025-32378	Low		Apr 9, 2025	>= 6.6.0.0-rc1 < 6.6.10.3 >= 6.7.0.0-rc1 < 6.7.0.0-rc2 < 6.5.8.17
Shopware Broken ACL on Document retrieval to access other customers documents	Medium		Apr 8, 2025	>= 6.6.0.0 < 6.6.10.3 >= 6.7.0.0-rc1 < 6.7.0.0-rc2 < 6.5.8.17
CVE-2025-27892	High		Apr 8, 2025	>= 6.6.0.0 < 6.6.10.3 >= 6.7.0.0-rc1 < 6.7.0.0-rc2 == 6.7.0.0-rc1 < 6.5.8.18
CVE-2025-30151	High		Apr 8, 2025	>= 6.6.0.0 < 6.6.10.3 >= 6.7.0.0-rc1 < 6.7.0.0-rc2 < 6.5.8.17

‹
›

1
2
3
4
5
›

mautic / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-9824	Medium		Sep 3, 2025	>= 4.4.0 < 4.4.17 >= 5.0.0-alpha < 5.2.8 >= 6.0.0-alpha < 6.0.5
CVE-2025-9823	Medium		Sep 3, 2025	>= 4.4.0 < 4.4.17 >= 5.0.0-alpha < 5.2.8 >= 6.0.0-alpha < 6.0.5
CVE-2025-9822	Medium		Sep 3, 2025	>= 4.4.0 < 4.4.17 >= 5.0.0-alpha < 5.2.8 >= 6.0.0-alpha < 6.0.5
CVE-2025-9821	Low		Sep 3, 2025	>= 4.4.0 < 4.4.17 >= 5.0.0-alpha < 5.2.8 >= 6.0.0-alpha < 6.0.5
CVE-2025-5256	Medium		May 28, 2025	>= 1.0.0 < 4.4.16 >= 5.0.0-alpha < 5.2.6 >= 6.0.0-alpha < 6.0.2
CVE-2024-47055	Medium		May 28, 2025	>= 5.0.0-alpha < 5.2.6 >= 6.0.0-alpha < 6.0.2
CVE-2024-47057	Medium		May 28, 2025	>= 1.0.0 < 4.4.16 >= 5.0.0-alpha < 5.2.6 >= 6.0.0-alpha < 6.0.2
CVE-2024-47056	Medium		May 28, 2025	>= 4.4.0 < 4.4.16 >= 5.0.0-alpha < 5.2.6 >= 6.0.0-alpha < 6.0.2
CVE-2025-5257	Medium		May 28, 2025	>= 4.0.0 < 4.4.16 >= 5.0.0-alpha < 5.2.6 >= 6.0.0-alpha < 6.0.2
CVE-2022-25773	Medium		Feb 26, 2025	< 5.2.3

‹
›

1
2
3
4
›

bolt / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2021-40219	High		Apr 11, 2022	<= 4.2
CVE-2021-27367	High		Feb 17, 2021	< 4.1.13

ibexa / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
Ibexa Kernel's files with blacklisted extensions can be still saved to drafts	Medium		Mar 20, 2024	>= 4.5.0 < 4.5.6 >= 4.6.0 < 4.6.2
Ibexa DXP Download route allows filename change	Low		Nov 3, 2023	>= 4.5.0 < 4.5.4
Ibexa DXP users with the Company admin role can assign any role to any user	Critical		Nov 10, 2022	>= 4.2.0 < 4.2.3
Login timing attack in ibexa/core	Critical		Jun 2, 2022	>= 4.0.0 < 4.0.7 >= 4.1.0 < 4.1.4
Object state limitation has no effect	Critical		Apr 29, 2022	>= 4.0.0 < 4.0.5 >= 4.1.0 < 4.1.2

s-cart / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-57407	Low		Sep 23, 2025	<= 9.0.5
CVE-2022-21149	Low		May 1, 2022	< 6.9

@angular / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2021-4231	Medium		May 26, 2022	< 11.0.5 >= 11.1.0-next.0 < 11.1.0-next.3

concrete5 / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2022-30117	Critical		Jun 24, 2022	>= 9.0.0 < 9.1.0 < 8.5.8
CVE-2022-21829	Critical		Jun 24, 2022	>= 9.0.0 < 9.1.0 < 8.5.8
CVE-2022-30120	Medium		Jun 24, 2022	>= 9.0.0 < 9.1.0 < 8.5.8
CVE-2021-22968	High		Nov 19, 2021	< 8.5.7
CVE-2021-22970	High		Nov 19, 2021	< 8.5.7
CVE-2021-22966	High		Nov 19, 2021	< 8.5.7
CVE-2021-22967	High		Nov 19, 2021	< 8.5.7
CVE-2021-22969	Medium		Nov 19, 2021	< 8.5.7
CVE-2021-22951	High		Nov 19, 2021	< 8.5.7

@actions / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2022-35954	Medium		Aug 15, 2022	< 1.9.1
CVE-2020-15228	Medium		Oct 1, 2020	< 1.2.6

@keystone-6 / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-46720	Low		May 5, 2025	< 6.5.0
CVE-2023-40027	Medium		Aug 15, 2023	< 5.5.1
@keystone-6/core's bundled cuid package known to be insecure	Low		Jun 12, 2023	<= 5.3.1
CVE-2022-39382	Critical		Nov 3, 2022	>= 3.0.0 < 3.0.2
CVE-2022-39322	Critical		Oct 25, 2022	>= 2.2.0 < 2.3.1

badaso / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-52353	High		Aug 26, 2025	<= 2.9.11
CVE-2022-41705	Critical		Nov 25, 2022	< 2.7.0
CVE-2022-41711	Critical		Oct 25, 2022	< 2.6.1

flarum / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-27794	Medium		Mar 12, 2025	< 1.8.10
CVE-2024-21641	Low		Jan 5, 2024	< 1.8.5
CVE-2023-40033	High		Aug 16, 2023	< 1.8.0
CVE-2023-27577	Low		Mar 10, 2023	< 1.7.0
CVE-2023-22489	Low		Jan 13, 2023	>= 1.3.0 < 1.6.3
CVE-2023-22488	Medium		Jan 12, 2023	< 1.6.3
CVE-2022-41938	Medium		Nov 19, 2022	>= 1.5.0 < 1.6.2
CVE-2021-32671	Critical		Jun 8, 2021	>= 1.0.0 < 1.0.2

@sequelize / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2023-22580	High		Feb 16, 2023	< 7.0.0-alpha.20
CVE-2023-22578	Critical		Feb 16, 2023	< 7.0.0-alpha.20
CVE-2023-22579	High		Feb 16, 2023	< 7.0.0-alpha.20

api-platform / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-31485	High		Apr 4, 2025	>= 4.0.0-alpha.1 < 4.0.22 < 3.4.17 >= 4.1.0-alpha.1 < 4.1.5
CVE-2025-31481	High		Apr 4, 2025	>= 4.0.0-alpha.1 < 4.0.22 < 3.4.17 >= 4.1.0-alpha.1 < 4.1.5
CVE-2023-47639	Medium		Apr 3, 2025	>= 3.2.0 < 3.2.5
CVE-2025-23204	Medium		Mar 24, 2025	>= 3.3.8 < 3.3.15
CVE-2023-25575	Medium		Mar 1, 2023	>= 3.0.0 < 3.0.12 >= 3.1.0 < 3.1.3 >= 2.6.0 < 2.7.10
CVE-2019-1000011	Medium		Feb 4, 2019	>= 2.2.0 < 2.2.10 >= 2.3.0 < 2.3.6 >= 2.2.0 <= 2.3.5

@sap-cloud-sdk / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2021-41251	Low		Nov 6, 2021	< 1.52.0
Improper Authorization in @sap-cloud-sdk/core	High		Sep 3, 2020	>= 1.19.0 < 1.21.2

@ionic / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
Cross-Site Scripting in @ionic/core	High		Sep 3, 2020	< 4.0.3 >= 4.1.0 < 4.1.3 >= 4.2.0 < 4.2.1 >= 4.3.0 < 4.3.1

@tsed / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2020-7748	High		Oct 20, 2020	< 5.65.7

@vendure / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
@vendure/core's insecure currencyCode handling allows wrong payment amounts	Medium		Nov 17, 2023	< 2.1.3
Vendure Cross Site Request Forgery vulnerability impacting all API requests	Low		Jul 11, 2023	< 2.0.3

pimcore / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2023-5192	Medium		Sep 27, 2023	< 10.3.0

@scrypted / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
GitHub Security Lab (GHSL) Vulnerability Report, scrypted: `GHSL-2023-218`, `GHSL-2023-219`	High		Feb 16, 2024	<= 0.1.142
CVE-2023-47623	Medium		Dec 13, 2023	<= 0.1.142

fuel / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
fuel/core Crypt encryption compromised.	Medium		May 15, 2024	< 1.8.1
fuel/core ImageMagick driver does not escape all shell arguments.	High		May 15, 2024	< 1.8.0.4

org.verapdf / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2024-28109	High		Mar 28, 2024	< 1.24.2

contao / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
contao/core PHP object injection vulnerability allows for arbitrary code execution	High		May 15, 2024	>= 2.0.0 < 2.11.14 >= 3.0.0 < 3.2.5
contao/core Insufficient input validation allows for code injection and remote execution	Critical		May 15, 2024	>= 2.0.0 < 2.11.17 >= 3.0.0 < 3.2.9

@janhq / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2024-36857	High		Jun 4, 2024	<= 0.1.11
CVE-2024-37273	Critical		Jun 4, 2024	<= 0.1.11
CVE-2024-36858	Critical		Jun 4, 2024	<= 0.1.11

@zenuml / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2024-38527	Medium		Jun 26, 2024	< 3.23.25

@zag-js / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2024-57079	High		Feb 6, 2025	< 0.82.2

@intlify / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-53892	Medium		Jul 16, 2025	>= 9.0.0 < 9.14.5 >= 10.0.0 < 10.0.8 >= 11.0.0 < 11.1.10
CVE-2025-27597	High		Mar 7, 2025	>= 9.1.0 < 9.1.11

@pkgr / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-54313	High		Jul 19, 2025	== 0.2.8 >= 0.2.8 < 0.2.9

com.ritense.valtimo / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-58059	Critical		Aug 28, 2025	< 12.16.0.RELEASE >= 13.0.0.RELEASE < 13.1.2.RELEASE

gp247 / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-57407	Low		Sep 23, 2025	< 1.1.24

@strapi / core

You can search for specific versions with https://synscan.net/product/core/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-53092	Medium		Oct 16, 2025	< 5.20.0
CVE-2025-25298	Medium		Oct 16, 2025	< 5.10.3
CVE-2024-56143	High		Oct 16, 2025	>= 5.0.0 < 5.5.2