Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,008 advisories

Loading
ZendFramework has potential Cross-site Scripting vector in multiple view helpers Moderate
GHSA-m7hr-j867-3f34 was published for zendframework/zend-view (Composer) Jun 7, 2024
ZendFramework vulnerable to Cross-site Scripting Moderate
GHSA-5gmf-3c43-q73v was published for zendframework/zendframework (Composer) Jun 7, 2024
Zendframework has potential Cross-site Scripting vector in multiple view helpers Moderate
GHSA-8q77-cv62-jj38 was published for zendframework/zendframework (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Frontend User Login Moderate
GHSA-2rcw-9hrm-8q7q was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Backend Modal Component Moderate
GHSA-7q33-hxwj-7p8v was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Online Media Asset Rendering Moderate
GHSA-8m6j-p5jv-v69w was published for typo3/cms (Composer) Jun 7, 2024
Cross-site scripting (XSS) vulnerability in Description metadata Moderate
CVE-2024-37160 was published for getformwork/formwork (Composer) Jun 7, 2024
Kyokito1412
TYPO3 Cross-Site Scripting in Form Framework validation handling Moderate
GHSA-v8m4-3w37-ghxx was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Form Framework Moderate
GHSA-4h5c-5g25-v7fh was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Link Handling Moderate
GHSA-xgmx-j3hv-jh9x was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Filelist Module Moderate
GHSA-g7hw-jh4p-75wr was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Fluid ViewHelpers Moderate
GHSA-85ch-44w7-rf32 was published for typo3/cms (Composer) Jun 7, 2024
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor... High Unreviewed
CVE-2024-5542 was published Jun 7, 2024
A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute... Moderate Unreviewed
CVE-2024-36773 was published Jun 7, 2024
The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-5645 was published Jun 7, 2024
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-5426 was published Jun 7, 2024
The Royal Elementor Addons and Templates for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-4488 was published Jun 7, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-4489 was published Jun 7, 2024
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-4451 was published Jun 7, 2024
The One Page Express Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-4703 was published Jun 7, 2024
The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)... Moderate Unreviewed
CVE-2024-5640 was published Jun 7, 2024
The WP Backpack WordPress plugin through 2.1 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2024-4756 was published Jun 7, 2024
The Logo Slider WordPress plugin before 4.0.0 does not validate and escape some of its Slider... Moderate Unreviewed
CVE-2024-3288 was published Jun 7, 2024
The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-5612 was published Jun 7, 2024
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo... Moderate Unreviewed
CVE-2024-4042 was published Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database