GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
51 advisories
Insufficient type validation in pocketmine/pocketmine-mp
High
GHSA-g5rr-p69h-7v3g
was published
for
pocketmine/pocketmine-mp
(Composer)
Apr 22, 2022
CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary code
High
CVE-2010-4335
was published
for
cakephp/cakephp
(Composer)
May 17, 2022
Browsershot does not validate URL protocols passed to Browsershot URL method
High
CVE-2022-41706
was published
for
spatie/browsershot
(Composer)
Nov 25, 2022
CakePHP allows remote attackers to spoof their IP
High
CVE-2016-4793
was published
for
cakephp/cakephp
(Composer)
May 14, 2022
HTTP Multiline Header Termination
High
CVE-2023-29530
was published
for
laminas/laminas-diactoros
(Composer)
Apr 24, 2023
Grav Server-side Template Injection (SSTI) via Twig Default Filters
High
CVE-2023-34448
was published
for
getgrav/grav
(Composer)
Jun 16, 2023
Froxlor username/surname AND company field Bypass
High
CVE-2023-50256
was published
for
froxlor/froxlor
(Composer)
Jan 4, 2024
PrestaShop some attribute not escaped in Validate::isCleanHTML method
High
CVE-2024-21627
was published
for
prestashop/prestashop
(Composer)
Jan 3, 2024
ProTip!
Advisories are also available from the
GraphQL API