GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,862 advisories

silverstripe/framework's install.php script discloses sensitive data by pre-populating DB credential forms Moderate
GHSA-r3pr-fh25-wrfc was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework Privilege Escalation Risk in Member Edit form Moderate
GHSA-xpff-c35g-j3cr was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework's URL parameters `isDev` and `isTest` unguarded Moderate
GHSA-55qg-6c4m-mw6g was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework users inadvertently passing sensitive data to LoginAttempt Moderate
GHSA-ph62-fv59-vf9h was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has Cross-site Scripting vulnerability in page history comparison Moderate
GHSA-c4c3-j73v-634r was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has Cross-site Scripting vulnerability in RedirectorPage Moderate
GHSA-pp7q-6j3f-74vj was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL Moderate
GHSA-r85g-7jpv-8xrx was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has Cross-site Scripting vulnerability in page name Moderate
GHSA-hhvj-mcrx-3vcf was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework member disclosure in login form Moderate
GHSA-g84q-cq55-xwgp was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework vulnerable to Cross-site Scripting In `OptionsetField` and `CheckboxSetField` Moderate
GHSA-468j-6jrc-2rjx was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework's `Member.Name` is not escaped Moderate
GHSA-r9vp-fp72-xgf7 was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework missing ACL on reports Moderate
GHSA-52cx-hpc5-cxwc was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework ChangePasswordForm does not check `Member::canLogIn()` Moderate
GHSA-p5h2-vr99-xm99 was published for silverstripe/framework (Composer) May 27, 2024
SilverStripe comments module includes version of jQuery vulnerable to Cross-site Scripting Moderate
GHSA-frm9-7pm9-5rgc was published for silverstripe/comments (Composer) May 27, 2024
PHP Server Monitor vulnerable to Cross-site Scripting Moderate
CVE-2024-5312 was published for phpservermon/phpservermon (Composer) May 24, 2024
silverstripe/framework ReadOnly transformation for formfields exploitable Moderate
GHSA-97jm-g33h-f46g was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe Cross-site scripting vulnerability in VersionedRequestFilter Moderate
GHSA-mpqj-f4v3-334h was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe Missing CSRF protection in login form Moderate
GHSA-vj2j-6g3w-4662 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe XSS in CMS Edit Page Moderate
GHSA-m8v7-x398-pxrf was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe Hostname, IP and Protocol Spoofing through HTTP Headers Moderate
GHSA-87pf-7x99-5xc4 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe CSRF vulnerability in GridFieldAddExistingAutocompleter Moderate
GHSA-2hpc-mf4q-j885 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe Missing security check on dev/build/defaults Moderate
GHSA-x5w2-wcr8-9q45 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe HtmlEditor embed url sanitisation Moderate
GHSA-qp29-wcc2-vmpc was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe Form field validation message XSS vulnerability Moderate
GHSA-j982-5jv7-v43r was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe framework is vulnerable to XSS in install.php Moderate
GHSA-mqf5-275h-gf6r was published for silverstripe/framework (Composer) May 23, 2024