GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
8,442 advisories
Filter by severity
TYPO3 Cross-Site Scripting vulnerability in typolinks
Moderate
GHSA-75mx-chcf-2q32
was published
for
typo3/cms
(Composer)
May 30, 2024
TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure
Moderate
GHSA-pqfv-97hj-g97g
was published
for
typo3/cms
(Composer)
May 30, 2024
TYPO3 Brute Force Protection Bypass in backend login
Moderate
GHSA-jqr8-q455-xx45
was published
for
typo3/cms
(Composer)
May 30, 2024
TYPO3 Information Disclosure Vulnerability Exploitable by Editors
Moderate
GHSA-r287-hc8j-w56h
was published
for
typo3/cms
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors
Moderate
GHSA-wp8j-c736-c5r3
was published
for
typo3/cms
(Composer)
May 30, 2024
ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting
Moderate
GHSA-mxjf-hc9v-xgv2
was published
for
typo3/cms
(Composer)
May 30, 2024
OpenCMS Cross-Site Scripting vulnerability
Moderate
CVE-2024-5520
was published
for
org.opencms:opencms-core
(Maven)
May 30, 2024
TYPO3 Cross-Site Scripting in Filelist Module
Moderate
GHSA-6xwf-7rfm-4gwc
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Link Handling
Moderate
GHSA-4ppr-jw47-9qm5
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Form Framework validation handling
Moderate
GHSA-95qm-3xp7-vfj5
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Broken Access Control in Import Module
Moderate
GHSA-g776-759r-pf6x
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Information Disclosure in Backend User Interface
Moderate
GHSA-rv8r-8mh5-5376
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Information Disclosure in User Authentication
Moderate
GHSA-wj85-rg5g-v8jm
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Disclosure of Information about Installed Extensions
Moderate
GHSA-p2h4-7fp3-cmh8
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Information Disclosure in Page Tree
Moderate
GHSA-wvvp-jwf5-qcpc
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Security Misconfiguration in User Session Handling
Moderate
GHSA-xmgr-jff3-fcfv
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Form Framework
Moderate
GHSA-4459-qrcc-vfcf
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Language Pack Handling
Moderate
GHSA-76r3-m635-p3vc
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Broken Access Control in Localization Handling
Moderate
GHSA-9rx9-7fmh-gj3g
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Fluid ViewHelpers
Moderate
GHSA-22q7-cg4r-p9mx
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Denial of Service in Online Media Asset Handling
Moderate
GHSA-29m4-mx89-3mjg
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Information Disclosure in Install Tool
Moderate
GHSA-66c2-7g4p-wx4p
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Frontend User Login
Moderate
GHSA-8c25-vj2w-p72j
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Backend Modal Component
Moderate
GHSA-g4c9-qfvw-fmr4
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Cross-Site Scripting in Online Media Asset Rendering
Moderate
GHSA-wg8h-gxf4-g4gh
was published
for
typo3/cms-core
(Composer)
May 30, 2024
ProTip!
Advisories are also available from the
GraphQL API