GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4,870 advisories
Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled
Critical
CVE-2024-56145
was published
for
craftcms/cms
(Composer)
Dec 18, 2024
Moodle stored Cross-site Scripting (XSS)
Moderate
CVE-2024-33997
was published
for
moodle/moodle
(Composer)
May 31, 2024
Chrome PHP is missing encoding in `CssSelector`
Moderate
CVE-2025-48883
was published
for
chrome-php/chrome
(Composer)
May 28, 2025
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
High
CVE-2024-55924
was published
for
typo3/cms-scheduler
(Composer)
Jan 14, 2025
TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-55945
was published
for
typo3/cms-lowlevel
(Composer)
Jan 14, 2025
TYPO3 Cross-Site Request Forgery in Backend User Module
Moderate
CVE-2024-55894
was published
for
typo3/cms-beuser
(Composer)
Jan 14, 2025
TYPO3 Cross-Site Request Forgery in Log Module
Moderate
CVE-2024-55893
was published
for
typo3/cms-belog
(Composer)
Jan 14, 2025
Froxlor has an HTML Injection Vulnerability
Moderate
CVE-2025-48958
was published
for
froxlor/froxlor
(Composer)
Mar 11, 2025
Laravel Rest Api has a Search Validation Bypass
Moderate
CVE-2025-48490
was published
for
lomkit/laravel-rest-api
(Composer)
May 27, 2025
ProTip!
Advisories are also available from the
GraphQL API