GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,253
Composer 3,944
Erlang 29
GitHub Actions 16
Go 1,729
Maven 4,955
npm 3,489
NuGet 607
pip 3,056
Pub 10
RubyGems 832
Rust 778
Swift 34

Unreviewed advisories

All unreviewed 219,601

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

19,253 advisories

Filter by severity

Sort by

Least recently updated

TYPO3 Cross-Site Scripting in Frontend User Login Moderate

GHSA-2rcw-9hrm-8q7q was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Backend Modal Component Moderate

GHSA-7q33-hxwj-7p8v was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Online Media Asset Rendering Moderate

GHSA-8m6j-p5jv-v69w was published for typo3/cms (Composer) Jun 7, 2024

Symlink bypasses filesystem sandbox Low

GHSA-55f3-3qvg-8pv5 was published for wasmer (Rust) Jun 7, 2024

Cross-site scripting (XSS) vulnerability in Description metadata Moderate

CVE-2024-37160 was published for getformwork/formwork (Composer) Jun 7, 2024

TYPO3 Arbitrary Code Execution via File List Module High

GHSA-8h4m-r4wm-xj7r was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Denial of Service in Frontend Record Registration High

GHSA-g585-crjf-vhwq was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Information Disclosure of Installed Extensions Moderate

GHSA-f624-8hfq-5fh3 was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Form Framework validation handling Moderate

GHSA-v8m4-3w37-ghxx was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Form Framework Moderate

GHSA-4h5c-5g25-v7fh was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Security Misconfiguration for Backend User Accounts High

GHSA-c5mj-39cf-3pp5 was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Link Handling Moderate

GHSA-xgmx-j3hv-jh9x was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Broken Access Control in Localization Handling Moderate

GHSA-772m-43f3-hmf8 was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Filelist Module Moderate

GHSA-g7hw-jh4p-75wr was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 Cross-Site Scripting in Fluid ViewHelpers Moderate

GHSA-85ch-44w7-rf32 was published for typo3/cms (Composer) Jun 7, 2024

TYPO3 CMS Possible Insecure Deserialization in Extbase Request Handling High

GHSA-hh95-5xm5-v8v7 was published for typo3/cms (Composer) Jun 7, 2024

Weak encryption in Ninja Core Moderate

CVE-2024-36823 was published for org.ninjaframework:ninja-core (Maven) Jun 7, 2024

Generation of Error Message Containing Sensitive Information in zsa Moderate

CVE-2024-37162 was published for zsa (npm) Jun 6, 2024

Tornado has a CRLF injection in CurlAsyncHTTPClient headers Moderate

GHSA-w235-7p84-xx57 was published for tornado (pip) Jun 6, 2024

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado Moderate

GHSA-753j-mpmx-qq6g was published for tornado (pip) Jun 6, 2024

TokenController formName not sanitized in hidden input Moderate

CVE-2024-37156 was published for sulu/form-bundle (Composer) Jun 6, 2024

Authentication bypass in dtale Critical

CVE-2024-3408 was published for dtale (pip) Jun 6, 2024

SQL injection in litellm Moderate

CVE-2024-4890 was published for litellm (pip) Jun 6, 2024

SQL injection in litellm Moderate

CVE-2024-5225 was published for litellm (pip) Jun 6, 2024

Arbitrary file deletion in litellm Moderate

CVE-2024-4888 was published for litellm (pip) Jun 6, 2024

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

19,253 advisories