GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,291 advisories
phpMyFAQ SQL injections at insertentry & saveentry
High
CVE-2024-28107
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
phpMyFAQ's File Upload Bypass at Category Image Leads to RCE
High
CVE-2024-28105
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
CodeIgniter4 DoS Vulnerability
High
CVE-2024-29904
was published
for
codeigniter4/framework
(Composer)
Mar 29, 2024
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
High
CVE-2024-2653
was published
for
amphp/http
(Composer)
Apr 3, 2024
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames
High
GHSA-w8gf-g2vq-j2f4
was published
for
amphp/http-client
(Composer)
Apr 3, 2024
timber/timber vulnerable to Deserialization of Untrusted Data
High
CVE-2024-29800
was published
for
timber/timber
(Composer)
Apr 12, 2024
Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder
High
CVE-2021-27916
was published
for
mautic/core
(Composer)
Apr 12, 2024
Mautic Sensitive Data Exposure due to inadequate user permission settings
High
CVE-2022-25776
was published
for
mautic/core
(Composer)
Apr 12, 2024
Dusk plugin may allow unfettered user authentication in misconfigured installs
High
CVE-2024-32003
was published
for
winter/wn-dusk-plugin
(Composer)
Apr 12, 2024
Dolibarr Application Home Page has HTML injection vulnerability
High
CVE-2024-23817
was published
for
dolibarr/dolibarr
(Composer)
Apr 18, 2024
LibreNMS vulnerable to SQL injection time-based leads to database extraction
High
CVE-2024-32461
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS
High
CVE-2024-32479
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
ProTip!
Advisories are also available from the
GraphQL API