Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,887 advisories

Loading
TYPO3 Cross-Site Scripting vulnerability in typolinks Moderate
GHSA-75mx-chcf-2q32 was published for typo3/cms (Composer) May 30, 2024
TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors Moderate
GHSA-wp8j-c736-c5r3 was published for typo3/cms (Composer) May 30, 2024
ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting Moderate
GHSA-mxjf-hc9v-xgv2 was published for typo3/cms (Composer) May 30, 2024
OpenCMS Cross-Site Scripting vulnerability Moderate
CVE-2024-5520 was published for org.opencms:opencms-core (Maven) May 30, 2024
TYPO3 Cross-Site Scripting in Filelist Module Moderate
GHSA-6xwf-7rfm-4gwc was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Link Handling Moderate
GHSA-4ppr-jw47-9qm5 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Form Framework validation handling Moderate
GHSA-95qm-3xp7-vfj5 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Arbitrary Code Execution and Cross-Site Scripting in Backend API High
GHSA-x428-565f-8xj2 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Form Framework Moderate
GHSA-4459-qrcc-vfcf was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Language Pack Handling Moderate
GHSA-76r3-m635-p3vc was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Fluid ViewHelpers Moderate
GHSA-22q7-cg4r-p9mx was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Frontend User Login Moderate
GHSA-8c25-vj2w-p72j was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Backend Modal Component Moderate
GHSA-g4c9-qfvw-fmr4 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Online Media Asset Rendering Moderate
GHSA-wg8h-gxf4-g4gh was published for typo3/cms-core (Composer) May 30, 2024
Thelia BackOffice default template vulnerable to Cross-site Scripting Moderate
GHSA-pp7v-wxx9-hm6r was published for thelia/backoffice-default-template (Composer) May 30, 2024
Thelia Cross-site Scripting vulnerability in BackOffice Moderate
GHSA-vq4j-qcx7-ppc6 was published for thelia/thelia (Composer) May 30, 2024
symbiote/silverstripe-multivaluefield Possible PHP Object Injection via Multi-Value Field Extension Moderate
GHSA-g5vj-wj9x-4jg9 was published for symbiote/silverstripe-multivaluefield (Composer) May 29, 2024
ScnSocialAuth Cross-site Scripting vulnerability in login redirect param Moderate
GHSA-g6f5-4w43-2x63 was published for socalnick/scn-social-auth (Composer) May 29, 2024
ansibleguy-webui Cross-site Scripting vulnerability High
CVE-2024-36110 was published for ansibleguy-webui (pip) May 28, 2024
ntrampham ansibleguy
Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality Moderate
CVE-2024-35240 was published for Umbraco.Commerce (NuGet) May 28, 2024
RaphaelCSSilva
SimpleSAMLphp Reflected Cross-site Scripting vulnerability Moderate
GHSA-vpr3-cw3h-prw8 was published for simplesamlphp/simplesamlphp (Composer) May 28, 2024
Umbraco Forms components vulnerable to Stored Cross-site Scripting Low
CVE-2024-35239 was published for Umbraco.Forms (NuGet) May 28, 2024
RaphaelCSSilva
formwork Cross-site scripting vulnerability in Markdown fields Moderate
CVE-2024-35621 was published for getformwork/formwork (Composer) May 28, 2024
Kyokito1412
silverstripe/framework has Cross-site Scripting vulnerability in RedirectorPage Moderate
GHSA-pp7q-6j3f-74vj was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL Moderate
GHSA-r85g-7jpv-8xrx was published for silverstripe/framework (Composer) May 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database