Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Talk to Our Experts
Get Pricing
Codey gradient
Filter by Severity
Filter by Technology
Filter by Category
Filtering by:
Severity
=
Text for Severity
Close icon
Clear Filters
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
Low
Open in new tab icon
CVE-2020-4051
Dojo
Dojo
Cross-Site Scripting
<1.11.10, >=1.12.0 <1.12.9, >=1.13.0 <1.13.8, >=1.14.0 <1.14.7, >=1.15.0 <1.15.4, >=1.16.0 <1.16.3
Dec 3, 2025
Medium
Open in new tab icon
CVE-2019-10785
Dojo
Dojo
Cross-Site Scripting
<1.11.10, >=1.12.0 <1.12.8, >=1.13.0 <1.13.7, >=1.14.0 <1.14.6, >=1.15.0 <1.15.3, >=1.16.0 <1.16.1
Dec 3, 2025
Medium
Open in new tab icon
CVE-2018-6561
Dojo
Dojo
Cross-Site Scripting
<1.10.10, >=1.11.0 <1.11.6, >=1.12.0 <1.12.4, >=1.13.0 <1.13.1
Dec 3, 2025
High
Open in new tab icon
CVE-2021-23450
Dojo
Dojo
Prototype Pollution
<1.11.13, >=1.12.0 <1.12.11, >=1.13.0 <1.13.10, >=1.14.0 <1.14.9, >=1.15.0 <1.15.6, >=1.16.0 <1.16.5
Dec 3, 2025
Low
Open in new tab icon
CVE-2020-5259
Dojo
Dojo
Prototype Pollution
<1.11.10, >=1.12.0 <1.12.8, >=1.13.0 <1.13.7, >=1.14.0 <1.14.6, >=1.15.0 <1.15.3, >=1.16.0 <1.16.2
Dec 3, 2025
Medium
Open in new tab icon
CVE-2025-3900
Drupal 7
Colorbox
Cross-Site Scripting
>=7.0.0 <=7.2.19
Dec 3, 2025
High
Open in new tab icon
CVE-2025-66412
Angular
Angular
Cross-Site Scripting
>=21.0.0-next.0 <21.0.2, >=20.0.0-next.0 <20.3.15, >=19.0.0-next.0 <19.2.17, <=18.2.14
Dec 2, 2025
High
Open in new tab icon
CVE-2025-66035
Angular
Angular
Information Exposure
>=21.0.0-next.0 <21.0.1, >=20.0.0-next.0 <20.3.14, >=19.0.0-next.0 <19.2.16, <=18.2.14
Dec 2, 2025
Critical
Open in new tab icon
CVE-2018-15494
Dojo
Dojo
Cross-Site Scripting
<1.10.10, >=1.11.0-rc1 <1.11.6, >=1.12.0-rc1 <1.12.4, >=1.13.0 <1.14.0
Nov 24, 2025
Medium
Open in new tab icon
CVE-2025-12848
Drupal 7
Webform Multiple File Upload
Cross-Site Scripting
>=7.0.0 <=7.1.6
Nov 20, 2025
High
Open in new tab icon
CVE-2025-55754
Apache Tomcat
Apache Tomcat
Command Injection
>=8.5.60 <=8.5.100, >=9.0.40 <9.0.109, >=10.1.0-M1 <10.1.45, >=11.0.0-M1 <11.0.11
Nov 7, 2025
Medium
Open in new tab icon
CVE-2025-61795
Apache Tomcat
Apache Tomcat
Denial of Service
>=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.110, >=10.1.0-M1 <10.1.47, >=11.0.0-M1 <11.0.12
Nov 7, 2025
High
Open in new tab icon
CVE-2025-55752
Apache Tomcat
Apache Tomcat
Path Traversal
>=8.5.6 <=8.5.100, >=9.0.0.M11 <9.0.109, >=10.1.0-M1 <10.1.45, >=11.0.0-M1 <11.0.11
Nov 7, 2025
Medium
Open in new tab icon
CVE-2025-3901
Drupal 7
Bootstrap Site Alert module
Cross-Site Scripting
<=7.1.6
Nov 5, 2025
Critical
Open in new tab icon
CVE-2022-37602
AngularJS
Grunt Karma
Prototype Pollution
>=0.10.0
Oct 29, 2025
Exclamation icon
No results found

Please enter a valid Vulnerability ID number or Technology name.

Sign up for the latest vulnerability alerts
Rss feed icon
Subscribe via RSS
or
Thanks for signing up for our Newsletter! We look forward to connecting with you.
Oops! Something went wrong while submitting the form.

By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

PreferencesRejectAccept
Manage Consent Preferences by Category
Essentials
Always active

Necessary for the site to function. Always On.

Used for targeted advertising.

Remembers your preferences and provides enhanced features.

Measures usage and improves your experience.

Reject AllAccept All
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.