Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,630
Maven
5,000+
npm
5,000+
NuGet
928
pip
4,850
Pub
13
RubyGems
1,045
Rust
1,301
Swift
53
Unreviewed advisories
All unreviewed
5,000+

29,574 advisories

Loading
Duplicate Advisory: TYPO3 Cross-Site Scripting vulnerability in typolinks Moderate
GHSA-75mx-chcf-2q32 was published for typo3/cms (Composer) May 30, 2024 withdrawn
TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure Moderate
GHSA-pqfv-97hj-g97g was published for typo3/cms (Composer) May 30, 2024
TYPO3 Brute Force Protection Bypass in backend login Moderate
GHSA-jqr8-q455-xx45 was published for typo3/cms (Composer) May 30, 2024
TYPO3 Information Disclosure Vulnerability Exploitable by Editors Moderate
GHSA-r287-hc8j-w56h was published for typo3/cms (Composer) May 30, 2024
TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors Moderate
GHSA-wp8j-c736-c5r3 was published for typo3/cms (Composer) May 30, 2024
TYPO3 frontend login vulnerable to Session Fixation High
GHSA-r9vc-jfmh-6j48 was published for typo3/cms (Composer) May 30, 2024
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts High
GHSA-4r76-xr68-w7m7 was published for typo3/cms (Composer) May 30, 2024
Duplicate Advisory: Apache Superset uncontrolled resource consumption Moderate
CVE-2024-23952 was published for apache-superset (pip) May 30, 2024 withdrawn
TYPO3 possible cache poisoning on the homepage when anchors are used High
GHSA-p84g-j2gh-83g3 was published for typo3/cms (Composer) May 30, 2024
ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting Moderate
GHSA-mxjf-hc9v-xgv2 was published for typo3/cms (Composer) May 30, 2024
OpenCMS Cross-Site Scripting vulnerability Moderate
CVE-2024-5520 was published for org.opencms:opencms-core (Maven) May 30, 2024
TYPO3 Arbitrary Shell Execution in Swiftmailer library High
GHSA-45xg-4w5x-j429 was published for typo3/cms (Composer) May 30, 2024
TYPO3 Possible Insecure Deserialization in Extbase Request Handling High
GHSA-5h5v-m596-r6rf was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Filelist Module Moderate
GHSA-6xwf-7rfm-4gwc was published for typo3/cms-core (Composer) May 30, 2024
mysql2 vulnerable to Prototype Pollution High
CVE-2024-21512 was published for mysql2 (npm) May 30, 2024
TYPO3 Cross-Site Scripting in Link Handling Moderate
GHSA-4ppr-jw47-9qm5 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Cross-Site Scripting in Form Framework validation handling Moderate
GHSA-95qm-3xp7-vfj5 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Arbitrary Code Execution and Cross-Site Scripting in Backend API High
GHSA-x428-565f-8xj2 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Broken Access Control in Import Module Moderate
GHSA-g776-759r-pf6x was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Security Misconfiguration in Frontend Session Handling High
GHSA-82vp-jr39-4j2j was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Information Disclosure in Backend User Interface Moderate
GHSA-rv8r-8mh5-5376 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Information Disclosure in User Authentication Moderate
GHSA-wj85-rg5g-v8jm was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Disclosure of Information about Installed Extensions Moderate
GHSA-p2h4-7fp3-cmh8 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Information Disclosure in Page Tree Moderate
GHSA-wvvp-jwf5-qcpc was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Security Misconfiguration in User Session Handling Moderate
GHSA-xmgr-jff3-fcfv was published for typo3/cms-core (Composer) May 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database