Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Time-Based Information Disclosure Vulnerability in Flow Moderate
GHSA-r6mm-wmhf-849m was published for typo3/flow (Composer) Jun 5, 2024
By-passing Protection of PharStreamWrapper Interceptor Moderate
GHSA-4v5g-8pq2-32m2 was published for typo3/phar-stream-wrapper (Composer) Jun 5, 2024
Typo3 Arbitrary file upload and XML External Entity processing Moderate
GHSA-2p4f-vc9q-r5vp was published for typo3/flow (Composer) Jun 5, 2024
Insecure Unserialize Vulnerability in FLOW3 Moderate
GHSA-m2hp-5x78-74mg was published for typo3/flow (Composer) Jun 5, 2024
Improper Authentication in CraftCMS two factor authentication plugin Moderate
CVE-2024-5658 was published for born05/craft-twofactorauthentication (Composer) Jun 6, 2024
TokenController formName not sanitized in hidden input Moderate
CVE-2024-37156 was published for sulu/form-bundle (Composer) Jun 6, 2024
picturestone rogamoore
TYPO3 Cross-Site Scripting in Fluid ViewHelpers Moderate
GHSA-85ch-44w7-rf32 was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Filelist Module Moderate
GHSA-g7hw-jh4p-75wr was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Broken Access Control in Localization Handling Moderate
GHSA-772m-43f3-hmf8 was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Link Handling Moderate
GHSA-xgmx-j3hv-jh9x was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Form Framework Moderate
GHSA-4h5c-5g25-v7fh was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Form Framework validation handling Moderate
GHSA-v8m4-3w37-ghxx was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Information Disclosure of Installed Extensions Moderate
GHSA-f624-8hfq-5fh3 was published for typo3/cms (Composer) Jun 7, 2024
Cross-site scripting (XSS) vulnerability in Description metadata Moderate
CVE-2024-37160 was published for getformwork/formwork (Composer) Jun 7, 2024
Kyokito1412
TYPO3 Cross-Site Scripting in Online Media Asset Rendering Moderate
GHSA-8m6j-p5jv-v69w was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Backend Modal Component Moderate
GHSA-7q33-hxwj-7p8v was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Frontend User Login Moderate
GHSA-2rcw-9hrm-8q7q was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Information Disclosure in Install Tool Moderate
GHSA-6487-3qvg-8px9 was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Denial of Service in Online Media Asset Handling Moderate
GHSA-f3wf-q4fj-3gxf was published for typo3/cms (Composer) Jun 7, 2024
Zendframework has potential Cross-site Scripting vector in multiple view helpers Moderate
GHSA-8q77-cv62-jj38 was published for zendframework/zendframework (Composer) Jun 7, 2024
Zendframework session validation vulnerability Moderate
GHSA-62f6-h68r-3jpw was published for zendframework/zendframework (Composer) Jun 7, 2024
ZendFramework Information Disclosure and Insufficient Entropy vulnerability Moderate
GHSA-2fhr-8r8r-qp56 was published for zendframework/zendframework (Composer) Jun 7, 2024
ZendFramework Potential Proxy Injection Vulnerabilities Moderate
GHSA-mg7h-9qfx-4r83 was published for zendframework/zendframework (Composer) Jun 7, 2024
ZendFramework potential remote code execution in zend-mail via Sendmail adapter Moderate
GHSA-gff2-p6vm-3p8g was published for zendframework/zendframework (Composer) Jun 7, 2024
ZendFramework vulnerable to Cross-site Scripting Moderate
GHSA-5gmf-3c43-q73v was published for zendframework/zendframework (Composer) Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database