GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,886 advisories
Concrete CMS vulnerable to Reflected Cross-site Scripting
Moderate
CVE-2022-43692
was published
for
concrete5/concrete5
(Composer)
Nov 15, 2022
Concrete CMS vulnerable to Improper Authentication
Moderate
CVE-2022-43690
was published
for
concrete5/concrete5
(Composer)
Nov 15, 2022
Pimcore Cross-site Scripting (XSS) in Predefined Properties delete
Moderate
CVE-2023-2615
was published
for
pimcore/pimcore
(Composer)
May 10, 2023
Pimcore Cross-site Scripting (XSS) in name field of Custom Reports
Moderate
CVE-2023-2614
was published
for
pimcore/pimcore
(Composer)
May 10, 2023
Pimcore Cross-site Scripting (XSS) in Static Routes name field
Moderate
CVE-2023-2616
was published
for
pimcore/pimcore
(Composer)
May 11, 2023
Ibexa User Settings are accessible on the front-end for anonymous user
Moderate
GHSA-r3fg-3r88-6x3f
was published
for
ibexa/user
(Composer)
May 10, 2023
PocketMine MP vulnerable to uncontrolled resource consumption via mismatched type of 'InventoryTransactionPacket'
Moderate
GHSA-42qm-8v8m-m78c
was published
for
pocketmine/pocketmine-mp
(Composer)
Jun 1, 2023
Silverstripe Form Capture vulnerable to stored cross-site-scripting
Moderate
CVE-2023-28851
was published
for
andrewhaine/silverstripe-form-capture
(Composer)
Apr 3, 2023
HTTP caching is marking private HTTP headers as public in Shopware
Moderate
CVE-2022-24747
was published
for
shopware/core
(Composer)
Mar 10, 2022
ProTip!
Advisories are also available from the
GraphQL API