Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
48
GitHub Actions
48
Go
3,393
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,614
Pub
13
RubyGems
1,026
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

28,243 advisories

Loading
Flow Bugfix Releases for Entity Security High
GHSA-vh6j-wv25-8qxr was published for typo3/flow (Composer) Jun 5, 2024
Cross-Site Scripting (XSS) vulnerabilities in Neos High
GHSA-4542-p56h-8xww was published for typo3/neos (Composer) Jun 5, 2024
Typo3 Cross-Site Scripting in Language Pack Handling Moderate
GHSA-259v-xm34-p7fr was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Broken Access Control in Import Module Moderate
GHSA-f5rr-9r84-wwqf was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Information Disclosure in Page Tree Low
GHSA-h934-f4m4-wc8x was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Arbitrary Code Execution and Cross-Site Scripting in Backend API Moderate
GHSA-hww5-6x85-mc24 was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Security Misconfiguration in Frontend Session Handling Moderate
GHSA-qr5f-6fcv-w69q was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Security Misconfiguration in User Session Handling Moderate
GHSA-g9rv-6g56-65h8 was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Information Disclosure in Backend User Interface Moderate
GHSA-q9c4-9v5m-597p was published for typo3/cms (Composer) Jun 5, 2024
Typo3 Information Disclosure in User Authentication Moderate
GHSA-m96r-7vqm-j95g was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in TYPO3 CMS Backend Moderate
GHSA-v4qr-8h2v-qpjx was published for typo3/cms (Composer) Jun 5, 2024
Cross-Site Scripting in TYPO3 CMS Moderate
GHSA-5gr6-97fv-52cc was published for typo3/cms (Composer) Jun 5, 2024
Insecure Unserialize in TYPO3 Backend Moderate
GHSA-c7rj-92xr-wprg was published for typo3/cms (Composer) Jun 5, 2024
Observable Timing Discrepancy in pypqc High
GHSA-hvh4-5qr6-3v7r was published for pypqc (pip) Jun 5, 2024
James-E-A Credited to James-E-A
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC High
CVE-2024-36129 was published for go.opentelemetry.io/collector/config/configgrpc (Go) Jun 5, 2024
jpkrohling Credited to jpkrohling, arminru, mx-psi, and stamparm arminru arminru
mx-psi mx-psi stamparm stamparm
Cache Flooding in TYPO3 Frontend Moderate
GHSA-pw2q-qwvj-gh43 was published for typo3/cms (Composer) Jun 5, 2024
Authentication Bypass in TYPO3 Frontend Moderate
GHSA-mh3r-6cp5-hc2j was published for typo3/cms (Composer) Jun 5, 2024
BoringSSLAEADContext in Netty Repeats Nonces Moderate
CVE-2024-36121 was published for io.netty.incubator:netty-incubator-codec-ohttp (Maven) Jun 5, 2024
SalusaSecondus Credited to SalusaSecondus
Authentication Bypass in TYPO3 CMS Moderate
GHSA-6f9m-v7mp-7jjq was published for typo3/cms (Composer) Jun 5, 2024
Information Disclosure in TYPO3 CMS Moderate
GHSA-g46h-v2cc-6c94 was published for typo3/cms (Composer) Jun 5, 2024
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS High
GHSA-ppgf-8745-8pgx was published for typo3/cms (Composer) Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module Moderate
CVE-2024-5629 was published for pymongo (pip) Jun 5, 2024
Information Disclosure in TYPO3 CMS Low
GHSA-c7p6-3c9c-f88q was published for typo3/cms (Composer) Jun 5, 2024
Privilege Escalation & SQL Injection in TYPO3 CMS High
GHSA-7qwg-fcpw-xg5g was published for typo3/cms (Composer) Jun 5, 2024
TYPO3 Remote Code Execution in third party library swiftmailer High
GHSA-g4pf-3jvq-2gcw was published for typo3/cms (Composer) Jun 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database