Vulnerability Database

  • Total number of vulnerabilities in the DB: 308,379
With exploit

pega / platform

Title Severity Exploit Date Affected Version
CVE-2023-50166 Medium Jan 31, 2024 >= 8.5.4 <= 8.8.3
CVE-2023-50165 High Jan 31, 2024 >= 8.2.1 <= 23.1.0
CVE-2023-32089 Low Oct 18, 2023 >= 8.1.0 <= 8.8.2
CVE-2023-32088 Low Oct 18, 2023 >= 8.8.0 < 8.8.3
>= 8.1.0 < 8.7.5
CVE-2023-32087 Low Oct 18, 2023 >= 8.8.0 < 8.8.3
>= 8.1.0 < 8.7.5
CVE-2019-16374 Critical Aug 13, 2020 <= 8.2.1
CVE-2020-8775 High Apr 29, 2020 < 8.2.6
CVE-2020-8773 High Apr 29, 2020 < 8.2.6

eclipse / platform

Title Severity Exploit Date Affected Version
CVE-2020-27225 High Mar 9, 2021 <= 4.18

Composer icon oro / platform

Title Severity Exploit Date Affected Version
OroPlatform Forced Redirect to External Website Medium May 20, 2024 >= 1.7.0 < 1.7.4
CVE-2023-45824 Low Mar 25, 2024 >= 5.1.0 < 5.1.4
>= 5.0.0 <= 5.0.12
>= 4.2.0 <= 4.2.10
CVE-2022-41951 High Nov 27, 2023 >= 4.1.0 <= 4.1.13
>= 4.2.0 <= 4.2.10
>= 5.0.0 < 5.0.8
XSS vulnerability in translations Medium Jan 12, 2022 >= 3.1.0 < 3.1.29
>= 4.1.0 < 4.1.17
>= 4.2.0 < 4.2.8
CVE-2021-43852 High Jan 4, 2022 >= 4.1.0 < 4.1.14
>= 4.2.0 < 4.2.8
CVE-2021-41236 Medium Jan 4, 2022 >= 3.1.0 < 3.1.21
>= 4.1.0 < 4.1.14
>= 4.2.0 < 4.2.8

Composer icon shopware / platform

Title Severity Exploit Date Affected Version
Shopware Customer Orders can be canceled, even if refunds are disabled Medium Oct 21, 2025 >= 6.7.0.0 < 6.7.3.1
< 6.6.10.7
Shopware exposes sensitive user information via CSV export mapping Medium Oct 21, 2025 >= 6.7.0.0 < 6.7.3.1
< 6.6.10.7
Shopware vulnerable to Server-Side Request Forgery (SSRF) – order invoice Low Oct 21, 2025 >= 6.7.0.0 < 6.7.3.1
< 6.6.10.7
Shopware vulnerable to path traversal via Plugin upload Low Oct 21, 2025 >= 6.7.0.0 < 6.7.3.1
< 6.6.10.7
Shopware vulnerable to MediaVisibilityRestrictionSubscriber bypass when reading media entities by aggregating fields individually Medium Oct 21, 2025 >= 6.7.0.0 < 6.7.3.1
< 6.6.10.7
CVE-2025-7954 Medium Aug 6, 2025 <= 6.6.10.4
CVE-2025-32378 Low Apr 9, 2025 >= 6.6.0.0-rc1 < 6.6.10.3
>= 6.7.0.0-rc1 < 6.7.0.0-rc2
< 6.5.8.17
Shopware Broken ACL on Document retrieval to access other customers documents Medium Apr 8, 2025 >= 6.6.0.0 < 6.6.10.3
>= 6.7.0.0-rc1 < 6.7.0.0-rc2
< 6.5.8.17
CVE-2025-27892 High Apr 8, 2025 >= 6.6.0.0 < 6.6.10.3
>= 6.7.0.0-rc1 < 6.7.0.0-rc2
== 6.7.0.0-rc1
< 6.5.8.18
CVE-2025-30151 High Apr 8, 2025 >= 6.6.0.0 < 6.6.10.3
>= 6.7.0.0-rc1 < 6.7.0.0-rc2
< 6.5.8.17

Composer icon orchid / platform

Title Severity Exploit Date Affected Version
CVE-2023-36825 Critical Jul 11, 2023 >= 14.0.0-alpha4 < 14.5.0
== 14.0.0-alpha5
== 14.0.0-alpha6
== 14.0.0-alpha7
== 14.0.0
== 14.0.0-alpha4
>= 14.0.1 < 14.5.0
CVE-2020-15263 High Oct 19, 2020 >= 9.0.0 < 9.4.4

1e / platform

Title Severity Exploit Date Affected Version
CVE-2024-7211 Low Aug 1, 2024 == 24.7
== 23.11.1.15
== 23.7.1.80
== 8.4.1.229
CVE-2023-5964 Critical Nov 6, 2023 < 23.0
CVE-2023-45163 Critical Nov 6, 2023 < 18.1
CVE-2023-45161 Critical Nov 6, 2023 < 20.1
CVE-2023-45162 Critical Oct 13, 2023 == 8.1.2
== 8.4.1
== 9.0.1
== 23.7.1

fuyang_lipengjun / platform

Title Severity Exploit Date Affected Version
CVE-2025-10822 Low Sep 23, 2025 == 1.0.0
CVE-2025-10821 Low Sep 22, 2025 == 1.0.0
CVE-2025-10820 Low Sep 22, 2025 == 1.0.0
CVE-2025-10819 Low Sep 22, 2025 == 1.0.0
CVE-2025-10676 Low Sep 18, 2025 == 1.0.0
CVE-2025-10674 Low Sep 18, 2025 == 1.0.0
CVE-2025-10675 Low Sep 18, 2025 == 1.0.0
CVE-2025-10086 Medium Sep 8, 2025 == 1.0.0
CVE-2025-9936 Low Sep 4, 2025 == 1.0.0
CVE-2025-7936 Medium Jul 21, 2025 == 1.0.0