GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10 advisories
ASA-2024-003: Missing `BlockedAddressed` Validation in Vesting Module
Moderate
GHSA-4j93-fm92-rp4m
was published
for
github.com/cosmos/cosmos-sdk
(Go)
Feb 21, 2024
TYPO3 vulnerable to Improper Access Control of Resources Referenced by t3:// URI Scheme
Moderate
CVE-2024-25120
was published
for
typo3/cms-core
(Composer)
Feb 13, 2024
october/system arbitrary code execution
High
CVE-2021-32650
was published
for
october/system
(Composer)
Jan 14, 2022
Cross-Site-Request-Forgery in Backend
High
CVE-2021-41113
was published
for
typo3/cms
(Composer)
Oct 5, 2021
Cross-Site Scripting via Rich-Text Content
Moderate
CVE-2021-32768
was published
for
typo3/cms
(Composer)
Aug 19, 2021
Cross-Site Scripting in Query Generator & Query View
Moderate
CVE-2021-32668
was published
for
typo3/cms
(Composer)
Jul 22, 2021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
Moderate
CVE-2021-21358
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Broken Access Control in Form Framework
High
CVE-2021-21357
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Unrestricted File Upload in Form Framework
High
CVE-2021-21355
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Cross-Site Scripting in Content Preview
Moderate
CVE-2021-21340
was published
for
typo3/cms
(Composer)
Mar 23, 2021
ProTip!
Advisories are also available from the
GraphQL API