GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,156
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
2,318 advisories
Cross-Site Scripting (XSS) vulnerability in typolinks (Moderate): GHSA-p5c5-gmj4-g48f was published for typo3/cms (Composer) on Jun 5, 2024
Cross-Site Scripting (XSS) in TYPO3 Backend (Moderate): GHSA-hq37-rfjc-mr8h was published for typo3/cms (Composer) on Jun 5, 2024
Cross-Site Scripting in third party library mso/idna-convert (Moderate): GHSA-qmwf-j7g7-f5jw was published for typo3/cms (Composer) on Jun 5, 2024
Information Disclosure in TYPO3 Backend (Moderate): GHSA-vpr3-rc99-2wpr was published for typo3/cms (Composer) on Jun 5, 2024
SQL Injection in TYPO3 Frontend Login (Moderate): GHSA-j86x-pjmr-9m6w was published for typo3/cms (Composer) on Jun 5, 2024
Insecure Unserialize in TYPO3 Import/Export (Moderate): GHSA-xvcp-33rc-j8gq was published for typo3/cms (Composer) on Jun 5, 2024
Cross-Site Scripting in TYPO3 Backend (Moderate): GHSA-86r8-4g3w-7xjp was published for typo3/cms (Composer) on Jun 5, 2024
Privilege Escalation in TYPO3 CMS (Moderate): GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) on Jun 5, 2024
Cross-Site Scripting in TYPO3 Backend (Moderate): GHSA-5wx6-xwxf-q8qj was published for typo3/cms (Composer) on Jun 5, 2024
Authentication Bypass in TYPO3 CMS (Moderate): GHSA-6xh8-8pfv-53vx was published for typo3/cms (Composer) on Jun 5, 2024
Digital products download without proper payment status check (Moderate): CVE-2024-37296 was published for aimeos/ai-client-html (Composer) on Jun 5, 2024
Vulnerable embedded jQuery Version (Moderate): GHSA-jmh9-6rjq-gjh9 was published for pimcore/admin-ui-classic-bundle (Composer) on Jun 5, 2024
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search (Moderate): GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) on Jun 4, 2024
Typo3 Arbitrary File Disclosure in Form Component (Moderate): GHSA-wrpf-2x8h-82gr was published for typo3/cms (Composer) on Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content (Moderate): GHSA-8j9v-4hhh-x43c was published for typo3/cms (Composer) on Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component Backend (Moderate): GHSA-3jxq-5xhh-9jr3 was published for typo3/cms (Composer) on Jun 4, 2024
Reflected Cross-Site Scripting (XSS) in Dolibarr (Moderate): CVE-2024-34051 was published for dolibarr/dolibarr (Composer) on Jun 3, 2024
TYPO3 Cross-Site Scripting (XSS) in form component (Moderate): GHSA-5j86-5xvg-7q93 was published for typo3/cms (Composer) on Jun 3, 2024
TYPO3 Cross-Site Scripting in legacy form component (Moderate): GHSA-vgm8-r9gm-fw59 was published for typo3/cms (Composer) on Jun 3, 2024
TYPO3 Cross-Site Scripting in link validator component (Moderate): GHSA-cg4m-qjjp-7497 was published for typo3/cms (Composer) on Jun 3, 2024
TYPO3 Multiple Cross-Site Scripting vulnerabilities in frontend (Moderate): GHSA-6fc6-cj2j-h22x was published for typo3/cms (Composer) on Jun 3, 2024
Cross-Site Scripting in TYPO3 component Indexed Search (Moderate): GHSA-wh8q-72cp-p5wf was published for typo3/cms (Composer) on Jun 3, 2024
TYPO3 is susceptible to Cross-Site Flashing (Moderate): GHSA-qrxh-46mr-pr7q was published for typo3/cms (Composer) on Jun 3, 2024
Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend (Moderate): GHSA-5cxf-xx9j-54jc was published for typo3/cms (Composer) on Jun 3, 2024
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode (Moderate): CVE-2024-32877 was published for yiisoft/yii2 (Composer) on Jun 2, 2024
ProTip! Advisories are also available from the GraphQL API.