GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,329 advisories
Craft CMS vulnerable to Remote Code Execution via validatePath bypass
High
CVE-2023-40035
was published
for
craftcms/cms
(Composer)
Aug 21, 2023
RaspAP Command Injection vulnerability
High
CVE-2022-39987
was published
for
billz/raspap-webgui
(Composer)
Aug 1, 2023
Field injection in the KirbyData text storage handler
High
CVE-2023-38488
was published
for
getkirby/cms
(Composer)
Jul 28, 2023
Insufficient Session Expiration after a password change
High
CVE-2023-38489
was published
for
getkirby/cms
(Composer)
Jul 28, 2023
Pimcore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
High
CVE-2023-3819
was published
for
pimcore/pimcore
(Composer)
Jul 21, 2023
Pimcore vulnerable to SQL Injection in Dataobjects sorting
High
CVE-2023-3820
was published
for
pimcore/pimcore
(Composer)
Jul 21, 2023
grav Server-side Template Injection (SSTI) mitigation bypass
High
CVE-2023-37897
was published
for
getgrav/grav
(Composer)
Jul 19, 2023
zenstruck/collection passing callable string to EntityRepository::find() and query()
High
CVE-2023-37473
was published
for
zenstruck/collection
(Composer)
Jul 14, 2023
PocketMine-MP vulnerable to server crash using badly formatted sign NBT in BlockActorDataPacket
High
GHSA-7wrv-6h42-w54f
was published
for
pocketmine/pocketmine-mp
(Composer)
Jul 14, 2023
ProTip!
Advisories are also available from the
GraphQL API