Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure Moderate
GHSA-pqfv-97hj-g97g was published for typo3/cms (Composer) May 30, 2024
TYPO3 Cross-Site Scripting vulnerability in typolinks Moderate
GHSA-75mx-chcf-2q32 was published for typo3/cms (Composer) May 30, 2024
Moodle broken access control when setting calendar event type Moderate
CVE-2024-33996 was published for moodle/moodle (Composer) May 31, 2024
Moodle Cross-site Scripting (XSS) Moderate
CVE-2024-33998 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Moodle stored Cross-site Scripting (XSS) Moderate
CVE-2024-33997 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Moodle Cross-site Scripting (XSS) Moderate
CVE-2024-34000 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Moodle Authenticated LFI risk in some misconfigured shared hosting environments Moderate
CVE-2024-34004 was published for moodle/moodle (Composer) May 31, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments Moderate
CVE-2024-34003 was published for moodle/moodle (Composer) May 31, 2024
Moodle Unsanitized HTML in site log for config_log_created Moderate
CVE-2024-34006 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Moodle Logout CSRF in admin/tool/mfa/auth.php Moderate
CVE-2024-34007 was published for moodle/moodle (Composer) May 31, 2024
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode Moderate
CVE-2024-32877 was published for yiisoft/yii2 (Composer) Jun 2, 2024
Antiphishing iBotPeaches
rob006
Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend Moderate
GHSA-5cxf-xx9j-54jc was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 is susceptible to Cross-Site Flashing Moderate
GHSA-qrxh-46mr-pr7q was published for typo3/cms (Composer) Jun 3, 2024
Cross-Site Scripting in TYPO3 component Indexed Search Moderate
GHSA-wh8q-72cp-p5wf was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Multiple Cross-Site Scripting vulnerabilities in frontend Moderate
GHSA-6fc6-cj2j-h22x was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting in link validator component Moderate
GHSA-cg4m-qjjp-7497 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting in legacy form component Moderate
GHSA-vgm8-r9gm-fw59 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting (XSS) in form component Moderate
GHSA-5j86-5xvg-7q93 was published for typo3/cms (Composer) Jun 3, 2024
Reflected Cross-Site Scripting (XSS) in Dolibarr Moderate
CVE-2024-34051 was published for dolibarr/dolibarr (Composer) Jun 3, 2024
Cross-Site Scripting (XSS) in TYPO3 component Backend Moderate
GHSA-3jxq-5xhh-9jr3 was published for typo3/cms (Composer) Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content Moderate
GHSA-8j9v-4hhh-x43c was published for typo3/cms (Composer) Jun 4, 2024
Typo3 Arbitrary File Disclosure in Form Component Moderate
GHSA-wrpf-2x8h-82gr was published for typo3/cms (Composer) Jun 4, 2024
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search Moderate
GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) Jun 4, 2024
Vulnerable embedded jQuery Version Moderate
GHSA-jmh9-6rjq-gjh9 was published for pimcore/admin-ui-classic-bundle (Composer) Jun 5, 2024
hirakch
Digital products download without proper payment status check Moderate
CVE-2024-37296 was published for aimeos/ai-client-html (Composer) Jun 5, 2024
ssshah2131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database