Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,318 advisories

Loading
Cross-Site Scripting (XSS) vulnerability in typolinks Moderate
GHSA-p5c5-gmj4-g48f was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting (XSS) in TYPO3 Backend Moderate
GHSA-hq37-rfjc-mr8h was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in third party library mso/idna-convert Moderate
GHSA-qmwf-j7g7-f5jw was published for typo3/cms (Composer) Jun 5, 2024
Information Disclosure in TYPO3 Backend Moderate
GHSA-vpr3-rc99-2wpr was published for typo3/cms (Composer) Jun 5, 2024
SQL Injection in TYPO3 Frontend Login Moderate
GHSA-j86x-pjmr-9m6w was published for typo3/cms (Composer) Jun 5, 2024
Insecure Unserialize in TYPO3 Import/Export Moderate
GHSA-xvcp-33rc-j8gq was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in TYPO3 Backend Moderate
GHSA-86r8-4g3w-7xjp was published for typo3/cms (Composer) Jun 5, 2024
Privilege Escalation in TYPO3 CMS Moderate
GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in TYPO3 Backend Moderate
GHSA-5wx6-xwxf-q8qj was published for typo3/cms (Composer) Jun 5, 2024
Authentication Bypass in TYPO3 CMS Moderate
GHSA-6xh8-8pfv-53vx was published for typo3/cms (Composer) Jun 5, 2024
Digital products download without proper payment status check Moderate
CVE-2024-37296 was published for aimeos/ai-client-html (Composer) Jun 5, 2024
ssshah2131
Vulnerable embedded jQuery Version Moderate
GHSA-jmh9-6rjq-gjh9 was published for pimcore/admin-ui-classic-bundle (Composer) Jun 5, 2024
hirakch
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search Moderate
GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) Jun 4, 2024
Typo3 Arbitrary File Disclosure in Form Component Moderate
GHSA-wrpf-2x8h-82gr was published for typo3/cms (Composer) Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content Moderate
GHSA-8j9v-4hhh-x43c was published for typo3/cms (Composer) Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component Backend Moderate
GHSA-3jxq-5xhh-9jr3 was published for typo3/cms (Composer) Jun 4, 2024
Reflected Cross-Site Scripting (XSS) in Dolibarr Moderate
CVE-2024-34051 was published for dolibarr/dolibarr (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting (XSS) in form component Moderate
GHSA-5j86-5xvg-7q93 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting in legacy form component Moderate
GHSA-vgm8-r9gm-fw59 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Cross-Site Scripting in link validator component Moderate
GHSA-cg4m-qjjp-7497 was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 Multiple Cross-Site Scripting vulnerabilities in frontend Moderate
GHSA-6fc6-cj2j-h22x was published for typo3/cms (Composer) Jun 3, 2024
Cross-Site Scripting in TYPO3 component Indexed Search Moderate
GHSA-wh8q-72cp-p5wf was published for typo3/cms (Composer) Jun 3, 2024
TYPO3 is susceptible to Cross-Site Flashing Moderate
GHSA-qrxh-46mr-pr7q was published for typo3/cms (Composer) Jun 3, 2024
Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend Moderate
GHSA-5cxf-xx9j-54jc was published for typo3/cms (Composer) Jun 3, 2024
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode Moderate
CVE-2024-32877 was published for yiisoft/yii2 (Composer) Jun 2, 2024
Antiphishing iBotPeaches
rob006
ProTip! Advisories are also available from the GraphQL API