Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,651
Maven
5,000+
npm
4,279
NuGet
760
pip
4,066
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,854 advisories

Loading
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature Moderate
CVE-2024-46998 was published for baserproject/basercms (Composer) Oct 24, 2024
ayato-shitomi
Credited to ayato-shitomi
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature Moderate
CVE-2024-46996 was published for baserproject/basercms (Composer) Oct 24, 2024
ayato-shitomi
Credited to ayato-shitomi
baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request Moderate
CVE-2024-46995 was published for baserproject/basercms (Composer) Oct 24, 2024
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature Moderate
CVE-2024-46994 was published for baserproject/basercms (Composer) Oct 24, 2024
Path traversal in redaxo Moderate
CVE-2024-46212 was published for redaxo/source (Composer) Oct 16, 2024
Magento Open Source Information Exposure vulnerability Moderate
CVE-2024-45133 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45135 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Information Exposure vulnerability Moderate
CVE-2024-45134 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Authorization vulnerability Moderate
CVE-2024-45131 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45121 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45124 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2024-45116 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source stored Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2024-45127 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability Moderate
CVE-2024-45120 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45130 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Input Validation vulnerability Moderate
CVE-2024-45117 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Incorrect Authorization vulnerability Moderate
CVE-2024-45125 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45129 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2024-45123 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45122 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2024-45119 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Authorization vulnerability Moderate
CVE-2024-45128 was published for magento/community-edition (Composer) Oct 10, 2024
LimeSurvey Cross Site Scripting vulnerability Moderate
CVE-2024-28709 was published for limesurvey/limesurvey (Composer) Oct 7, 2024
LimeSurvey Cross Site Scripting vulnerability Moderate
CVE-2024-28710 was published for limesurvey/limesurvey (Composer) Oct 7, 2024
Krayin CRM vulnerable to Cross Site Scripting (XSS) via the organization name Moderate
CVE-2024-45932 was published for krayin/laravel-crm (Composer) Oct 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database