GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4,857 advisories
Yii 2 Redis may expose AUTH parameters in logs in case of connection failure
Moderate
CVE-2025-48493
was published
for
yiisoft/yii2-redis
(Composer)
Jun 5, 2025
Laravel Rest Api has a Search Validation Bypass
Moderate
CVE-2025-48490
was published
for
lomkit/laravel-rest-api
(Composer)
May 27, 2025
Froxlor has an HTML Injection Vulnerability
Moderate
CVE-2025-48958
was published
for
froxlor/froxlor
(Composer)
Mar 11, 2025
TYPO3 Cross-Site Request Forgery in Log Module
Moderate
CVE-2024-55893
was published
for
typo3/cms-belog
(Composer)
Jan 14, 2025
TYPO3 Cross-Site Request Forgery in Backend User Module
Moderate
CVE-2024-55894
was published
for
typo3/cms-beuser
(Composer)
Jan 14, 2025
TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-55945
was published
for
typo3/cms-lowlevel
(Composer)
Jan 14, 2025
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
High
CVE-2024-55924
was published
for
typo3/cms-scheduler
(Composer)
Jan 14, 2025
Chrome PHP is missing encoding in `CssSelector`
Moderate
CVE-2025-48883
was published
for
chrome-php/chrome
(Composer)
May 28, 2025
Moodle stored Cross-site Scripting (XSS)
Moderate
CVE-2024-33997
was published
for
moodle/moodle
(Composer)
May 31, 2024
Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled
Critical
CVE-2024-56145
was published
for
craftcms/cms
(Composer)
Dec 18, 2024
ProTip!
Advisories are also available from the
GraphQL API