GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,690
Maven: 5,000+
npm: 4,320
NuGet: 760
pip: 4,096
Pub: 12
RubyGems: 958
Rust: 1,063
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
2,883 advisories
Cross-Site Scripting in Query Generator & Query View
Moderate: CVE-2021-32668 was published for typo3/cms (Composer) on Jul 22, 2021

Cross-Site Scripting in Page Preview
Moderate: CVE-2021-32667 was published for typo3/cms (Composer) on Jul 22, 2021

Information Disclosure in User Authentication
Moderate: CVE-2021-32767 was published for typo3/cms (Composer) on Jul 26, 2021

CSV Injection in symfony/serializer
Moderate: CVE-2021-41270 was published for symfony/serializer (Composer) on Nov 24, 2021

Cookie persistence after password changes in symfony/security-bundle
Moderate: CVE-2021-41268 was published for symfony/security-bundle (Composer) on Nov 24, 2021

Webcache Poisoning in symfony/http-kernel
Moderate: CVE-2021-41267 was published for symfony/http-kernel (Composer) on Nov 24, 2021

Authentication granted to all firewalls instead of just one
Moderate: CVE-2021-32693 was published for symfony/security-http (Composer) on Jun 21, 2021

Cross-Site Scripting in TYPO3 CMS Link Handling
Moderate: CVE-2020-11065 was published for typo3/cms (Composer) on May 13, 2020

Cross-Site Scripting in TYPO3 CMS Form Engine
Moderate: CVE-2020-11064 was published for typo3/cms (Composer) on May 13, 2020

Lack of access control on uploaded files
Moderate: CVE-2019-12245 was published for silverstripe/assets (Composer) on Nov 12, 2019

Mautic vulnerable to secret data exfiltration via symfony parameters
Moderate: CVE-2021-27908 was published for mautic/core (Composer) on Apr 6, 2021

Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
Moderate: CVE-2018-9861 was published for ckeditor-dev (Composer) on May 14, 2022

Laravel Framework XSS in Blade templating engine
Moderate: CVE-2021-43808 was published for illuminate/view (Composer) on Dec 8, 2021

Improper Input Validation in guzzlehttp/psr7
Moderate: CVE-2022-24775 was published for guzzlehttp/psr7 (Composer) on Mar 25, 2022

Laravel Sensitive Data Exposure
Moderate: CVE-2017-14775 was published for illuminate/auth (Composer) on May 17, 2022

Cross-site Scripting in enshrined/svg-sanitize
Moderate: CVE-2022-23638 was published for enshrined/svg-sanitize (Composer) on Feb 14, 2022

Cross site scripting via HTML attributes in the back end
Moderate: CVE-2021-35955 was published for contao/contao (Composer) on Aug 25, 2021

ADOdb Cross-site scripting vulnerability in old test script
Moderate: CVE-2016-4855 was published for adodb/adodb-php (Composer) on May 17, 2022

Moodle Improper Access Control
Moderate: CVE-2016-3733 was published for moodle/moodle (Composer) on May 13, 2022

PHPMailer Local file inclusion
Moderate: CVE-2006-5734 was published for phpmailer/phpmailer (Composer) on Feb 2, 2024

Magento 2 Community Edition Information Disclosure
Moderate: CVE-2019-7929 was published for magento/community-edition (Composer) on May 24, 2022

Magento 2 Community Edition XSS Vulnerability
Moderate: CVE-2019-7927 was published for magento/community-edition (Composer) on May 24, 2022

Magento 2 Community Edition XSS Vulnerability
Moderate: CVE-2019-7926 was published for magento/community-edition (Composer) on May 24, 2022

Magento 2 Community Edition XSS Vulnerability
Moderate: CVE-2019-8147 was published for magento/community-edition (Composer) on May 24, 2022

Magento Cross-Site Scripting via Attribute Set Name
Moderate: CVE-2019-8145 was published for magento/community-edition (Composer) on Nov 12, 2019

ProTip! Advisories are also available from the GraphQL API.