GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,291 advisories
Froxlor username/surname AND company field Bypass
High
CVE-2023-50256
was published
for
froxlor/froxlor
(Composer)
Jan 4, 2024
PrestaShop some attribute not escaped in Validate::isCleanHTML method
High
CVE-2024-21627
was published
for
prestashop/prestashop
(Composer)
Jan 3, 2024
Magento LTS vulnerable to Stored XSS via TinyMCE WYSIWYG Editor
High
GHSA-9j5w-2cqc-cwj9
was published
for
openmage/magento-lts
(Composer)
Dec 8, 2023
phpseclib vulnerable to denial of service
High
CVE-2023-49316
was published
for
phpseclib/phpseclib
(Composer)
Nov 27, 2023
Cross-site Scripting via uploaded assets
High
CVE-2023-48701
was published
for
statamic/cms
(Composer)
Nov 22, 2023
Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()
High
CVE-2023-47637
was published
for
pimcore/pimcore
(Composer)
Nov 15, 2023
Statamic CMS vulnerable to remote code execution via form uploads
High
CVE-2023-48217
was published
for
statamic/cms
(Composer)
Nov 14, 2023
yiisoft/yii deserializing untrusted user input can lead to remote code execution
High
CVE-2023-47130
was published
for
yiisoft/yii
(Composer)
Nov 14, 2023
Statamic CMS remote code execution via front-end form uploads
High
CVE-2023-47129
was published
for
statamic/cms
(Composer)
Nov 12, 2023
FoodCoopShop Server-Side Request Forgery vulnerability
High
CVE-2023-46725
was published
for
foodcoopshop/foodcoopshop
(Composer)
Nov 2, 2023
ProTip!
Advisories are also available from the
GraphQL API