Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,140 advisories

Loading
ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities High
GHSA-xg9w-r469-m455 was published for zendframework/zendframework (Composer) Jun 7, 2024
ZendFramework Route Parameter Injection Via Query String in `Zend\Mvc` High
GHSA-jq87-2wxp-8349 was published for zendframework/zendframework (Composer) Jun 7, 2024
Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress` High
GHSA-xffp-6w68-4775 was published for zendframework/zendframework (Composer) Jun 7, 2024
TYPO3 Security Misconfiguration in Install Tool Cookie High
GHSA-f777-f784-36gm was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Arbitrary Code Execution via File List Module High
GHSA-8h4m-r4wm-xj7r was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Denial of Service in Frontend Record Registration High
GHSA-g585-crjf-vhwq was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-c5mj-39cf-3pp5 was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 CMS Possible Insecure Deserialization in Extbase Request Handling High
GHSA-hh95-5xm5-v8v7 was published for typo3/cms (Composer) Jun 7, 2024
typo3 Security fix for Flow Swift Mailer package High
GHSA-xjw3-5r5c-m5ph was published for typo3/swiftmailer (Composer) Jun 5, 2024
typo3 Information Disclosure Security Note High
GHSA-g4xv-r3qw-v3q2 was published for typo3/neos (Composer) Jun 5, 2024
Flow Bugfix Releases for Entity Security High
GHSA-vh6j-wv25-8qxr was published for typo3/flow (Composer) Jun 5, 2024
Cross-Site Scripting (XSS) vulnerabilities in Neos High
GHSA-4542-p56h-8xww was published for typo3/neos (Composer) Jun 5, 2024
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS High
GHSA-ppgf-8745-8pgx was published for typo3/cms (Composer) Jun 5, 2024
Privilege Escalation & SQL Injection in TYPO3 CMS High
GHSA-7qwg-fcpw-xg5g was published for typo3/cms (Composer) Jun 5, 2024
TYPO3 Remote Code Execution in third party library swiftmailer High
GHSA-g4pf-3jvq-2gcw was published for typo3/cms (Composer) Jun 5, 2024
Insecure Deserialization in TYPO3 CMS High
GHSA-8h28-f46f-m87h was published for typo3/cms (Composer) Jun 5, 2024
Remote code execution in web server context High
CVE-2024-37295 was published for aimeos/aimeos-core (Composer) Jun 5, 2024
ssshah2131
Flooding Server with Thumbnail files High
CVE-2024-32871 was published for pimcore/pimcore (Composer) Jun 4, 2024
jheimbach dandanx
XML External Entity (XXE) Processing in TYPO3 Core High
GHSA-qffc-gwpp-m2xr was published for typo3/cms (Composer) Jun 4, 2024
TYPO3 SQL Injection in dbal High
GHSA-9895-53fc-98v2 was published for typo3/cms (Composer) Jun 3, 2024
Unsafe Reflection in base Component class in yiisoft/yii2 High
CVE-2024-4990 was published for yiisoft/yii2 (Composer) Jun 2, 2024
zonia3000 mtangoo
iBotPeaches rob006
Moodle CSRF risk in analytics management of models High
CVE-2024-34008 was published for moodle/moodle (Composer) May 31, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments High
CVE-2024-34002 was published for moodle/moodle (Composer) May 31, 2024
Moodle ReCAPTCHA can be bypassed on the login page High
CVE-2024-34009 was published for moodle/moodle (Composer) May 31, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments High
CVE-2024-34005 was published for moodle/moodle (Composer) May 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database