Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Drupal Cross-Site Scripting vulnerability Moderate
CVE-2011-2714 was published for drupal/core (Composer) Apr 22, 2022
Elgg Reflected XSS Vulnerability Moderate
CVE-2011-2935 was published for elgg/elgg (Composer) Apr 22, 2022
Typo3 Information Disclosure Moderate
CVE-2011-4900 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Arbitrary Information Disclosure Moderate
CVE-2011-4901 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 XSS Vulnerability Moderate
CVE-2011-4630 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 XSS Vulnerabilities Moderate
CVE-2011-4632 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Arbitrary File Delete Moderate
CVE-2011-4902 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Improper Access Control Moderate
CVE-2011-4904 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 XSS in RemoveXSS function Moderate
CVE-2011-4903 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Information Disclosure Moderate
CVE-2011-4627 was published for typo3/cms (Composer) Apr 22, 2022
TYPO3 is vulnerable to Information Disclosure in the HTML mailing API Moderate
CVE-2010-3673 was published for typo3/cms-core (Composer) Apr 21, 2022
TYPO3 vulnerable to Cross-Site Scripting in the textarea view helper Moderate
CVE-2010-3672 was published for typo3/cms-fluid (Composer) Apr 21, 2022
TYPO3 is vulnerable to Session Fixation Moderate
CVE-2010-3671 was published for typo3/cms-install (Composer) Apr 21, 2022
TYPO3 is vulnerable to insecure randomness during hash generation in forgot password function Moderate
CVE-2010-3670 was published for typo3/cms-frontend (Composer) Apr 21, 2022
TYPO3 is vulnerable to Information Disclosure on the backend Moderate
CVE-2010-3664 was published for typo3/cms-backend (Composer) Apr 21, 2022
TYPO3 is vulnerable to Spam Abuse in the native form content element Moderate
CVE-2010-3667 was published for typo3/cms-frontend (Composer) Apr 21, 2022
TYPO3 is vulnerable to Insecure randomness in uniqid function Moderate
CVE-2010-3666 was published for typo3/cms-install (Composer) Apr 21, 2022
TYPO3 Open Redirection vulnerability on the backend Moderate
CVE-2010-3661 was published for typo3/cms-backend (Composer) Apr 21, 2022
TYPO3 is vulnerable to Cross-Site Scripting (XSS) on the backend Moderate
CVE-2010-3660 was published for typo3/cms-backend (Composer) Apr 21, 2022
Cross site scripting in safe-svg Moderate
CVE-2022-1091 was published for darylldoyle/safe-svg (Composer) Apr 19, 2022
tdunlap607
Cross-site Scripting in snipe-it Moderate
CVE-2022-1380 was published for snipe/snipe-it (Composer) Apr 17, 2022
Cross-site Scripting in Pimcore Moderate
CVE-2022-1351 was published for pimcore/pimcore (Composer) Apr 15, 2022
HTML Injection in Froxlor Moderate
CVE-2020-29653 was published for froxlor/froxlor (Composer) Apr 14, 2022
MantisBT vulnerable to XSS due to improper escape in manage_plugin_page.php and manage_plugin_uninstall.php Moderate
CVE-2022-26144 was published for mantisbt/mantisbt (Composer) Apr 14, 2022
Open redirect in wwbn/avideo Moderate
CVE-2022-27463 was published for wwbn/avideo (Composer) Apr 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database