Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
SQL Injection in TYPO3 Frontend Login Moderate
GHSA-j86x-pjmr-9m6w was published for typo3/cms (Composer) Jun 5, 2024
Insecure Unserialize in TYPO3 Import/Export Moderate
GHSA-xvcp-33rc-j8gq was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in TYPO3 Backend Moderate
GHSA-86r8-4g3w-7xjp was published for typo3/cms (Composer) Jun 5, 2024
Privilege Escalation in TYPO3 CMS Moderate
GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in TYPO3 Backend Moderate
GHSA-5wx6-xwxf-q8qj was published for typo3/cms (Composer) Jun 5, 2024
Authentication Bypass in TYPO3 CMS Moderate
GHSA-6xh8-8pfv-53vx was published for typo3/cms (Composer) Jun 5, 2024
Digital products download without proper payment status check Moderate
CVE-2024-37296 was published for aimeos/ai-client-html (Composer) Jun 5, 2024
ssshah2131
Vulnerable embedded jQuery Version Moderate
GHSA-jmh9-6rjq-gjh9 was published for pimcore/admin-ui-classic-bundle (Composer) Jun 5, 2024
hirakch
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search Moderate
GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) Jun 4, 2024
Typo3 Arbitrary File Disclosure in Form Component Moderate
GHSA-wrpf-2x8h-82gr was published for typo3/cms (Composer) Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content Moderate
GHSA-8j9v-4hhh-x43c was published for typo3/cms (Composer) Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component Backend Moderate
GHSA-3jxq-5xhh-9jr3 was published for typo3/cms (Composer) Jun 4, 2024
Reflected Cross-Site Scripting (XSS) in Dolibarr Moderate
CVE-2024-34051 was published for dolibarr/dolibarr (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting (XSS) in form component Moderate
GHSA-5j86-5xvg-7q93 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting in legacy form component Moderate
GHSA-vgm8-r9gm-fw59 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting in link validator component Moderate
GHSA-cg4m-qjjp-7497 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Multiple Cross-Site Scripting vulnerabilities in frontend Moderate
GHSA-6fc6-cj2j-h22x was published for typo3/cms (Composer) Jun 3, 2024
Cross-Site Scripting in TYPO3 component Indexed Search Moderate
GHSA-wh8q-72cp-p5wf was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 is susceptible to Cross-Site Flashing Moderate
GHSA-qrxh-46mr-pr7q was published for typo3/cms (Composer) Jun 3, 2024
Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend Moderate
GHSA-5cxf-xx9j-54jc was published for typo3/cms (Composer) Jun 3, 2024
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode Moderate
CVE-2024-32877 was published for yiisoft/yii2 (Composer) Jun 2, 2024
Antiphishing iBotPeaches
rob006
Moodle Authenticated LFI risk in some misconfigured shared hosting environments Moderate
CVE-2024-34004 was published for moodle/moodle (Composer) May 31, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments Moderate
CVE-2024-34003 was published for moodle/moodle (Composer) May 31, 2024
Moodle Unsanitized HTML in site log for config_log_created Moderate
CVE-2024-34006 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Moodle Logout CSRF in admin/tool/mfa/auth.php Moderate
CVE-2024-34007 was published for moodle/moodle (Composer) May 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database