CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Joomla! 1.7.1 has core information disclosure due to inadequate error checking.