Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,037
Erlang
29
GitHub Actions
18
Go
1,851
Maven
5,000+
npm
3,586
NuGet
636
pip
3,169
Pub
10
RubyGems
850
Rust
803
Swift
34
Unreviewed advisories
All unreviewed
5,000+

11 advisories

CosmWasm wasmd has large address count in ValidateBasic Low
GHSA-m3rh-cvr5-x6q4 was published for github.com/CosmWasm/wasmd (Go) Aug 8, 2024
sushiwushi
ASA-2024-003: Missing `BlockedAddressed` Validation in Vesting Module Moderate
GHSA-4j93-fm92-rp4m was published for github.com/cosmos/cosmos-sdk (Go) Feb 21, 2024
dongsam sushiwushi
TYPO3 vulnerable to Improper Access Control of Resources Referenced by t3:// URI Scheme Moderate
CVE-2024-25120 was published for typo3/cms-core (Composer) Feb 13, 2024
sushiwushi bnf
october/system arbitrary code execution High
CVE-2021-32650 was published for october/system (Composer) Jan 14, 2022
sushiwushi
Cross-Site-Request-Forgery in Backend High
CVE-2021-41113 was published for typo3/cms (Composer) Oct 5, 2021
sushiwushi ohader
Cross-Site Scripting via Rich-Text Content Moderate
CVE-2021-32768 was published for typo3/cms (Composer) Aug 19, 2021
sushiwushi ohader
einpraegsam
Cross-Site Scripting in Query Generator & Query View Moderate
CVE-2021-32668 was published for typo3/cms (Composer) Jul 22, 2021
sushiwushi
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form Moderate
CVE-2021-21358 was published for typo3/cms (Composer) Mar 23, 2021
andreaskienast sushiwushi
Broken Access Control in Form Framework High
CVE-2021-21357 was published for typo3/cms (Composer) Mar 23, 2021
sushiwushi waldhacker1
Unrestricted File Upload in Form Framework High
CVE-2021-21355 was published for typo3/cms (Composer) Mar 23, 2021
smichaelsen ohader
marclindemann vertexvaar sushiwushi waldhacker1
Cross-Site Scripting in Content Preview Moderate
CVE-2021-21340 was published for typo3/cms (Composer) Mar 23, 2021
sushiwushi andreaskienast
ProTip! Advisories are also available from the GraphQL API