GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
117,795 advisories
Filter by severity
A vulnerability, which was classified as critical, has been found in Campcodes Online Examination...
Moderate
Unreviewed
CVE-2024-4914
was published
May 16, 2024
Magento Cross-Site Scripting (XSS) vulnerability
Moderate
GHSA-mcfc-67vm-j568
was published
for
magento/community-edition
(Composer)
May 15, 2024
Data Leakage Vulnerability in livewire/livewire
Moderate
GHSA-qwvp-268g-jjm8
was published
for
livewire/livewire
(Composer)
May 15, 2024
Insecure State Generation in laravel/socialite
Moderate
GHSA-h97c-qp24-439v
was published
for
laravel/socialite
(Composer)
May 15, 2024
State Guessing Vulnerability in laravel/socialite
Moderate
GHSA-7fjv-25q9-2w88
was published
for
laravel/socialite
(Composer)
May 15, 2024
Laravel Guard bypass in Eloquent models
Moderate
GHSA-44pg-c29v-hp6r
was published
for
laravel/framework
(Composer)
May 15, 2024
Laravel Cross-site Scripting (XSS) vulnerability in blade templating
Moderate
GHSA-vr95-p7q6-8m9q
was published
for
laravel/framework
(Composer)
May 15, 2024
Laravel Encrypter Component Potential Decryption Failure Leading to Unintended Behavior
Moderate
GHSA-7852-w36x-6mf6
was published
for
laravel/framework
(Composer)
May 15, 2024
Laravel Hijacked authentication cookies vulnerability
Moderate
GHSA-p62r-7637-3wwc
was published
for
laravel/framework
(Composer)
May 15, 2024
Laravel Risk of mass-assignment vulnerabilities
Moderate
GHSA-rj3w-99gc-8j58
was published
for
laravel/framework
(Composer)
May 15, 2024
Read private customer data reclaiming carts in Klaviyo Magento
Moderate
GHSA-hvgw-gg3p-295j
was published
for
klaviyo/magento2-extension
(Composer)
May 15, 2024
Laravel Cross-site Scripting vulnerability in blade templating
Moderate
GHSA-297g-xg4h-7w4c
was published
for
illuminate/view
(Composer)
May 15, 2024
Laravel Risk of mass-assignment vulnerabilities
Moderate
GHSA-cc2w-ghc5-m5qr
was published
for
illuminate/database
(Composer)
May 15, 2024
Laravel Hijacked authentication cookies vulnerability
Moderate
GHSA-q4xf-7fw5-4x8v
was published
for
illuminate/auth
(Composer)
May 15, 2024
fuel/core Crypt encryption compromised.
Moderate
GHSA-fgrx-4637-fcf5
was published
for
fuel/core
(Composer)
May 15, 2024
FOSUserBundle User Identity Validation Vulnerability
Moderate
GHSA-8wx3-8m4x-g5h4
was published
for
friendsofsymfony/user-bundle
(Composer)
May 15, 2024
FOSUserBundle Entropy is lost in the TokenGenerator
Moderate
GHSA-pjx8-984p-7p3x
was published
for
friendsofsymfony/user-bundle
(Composer)
May 15, 2024
FOSRestBundle issue with broken validation of JSONP callbacks
Moderate
GHSA-p9fg-j6ww-953m
was published
for
friendsofsymfony/rest-bundle
(Composer)
May 15, 2024
friendsofsymfony/oauth2-php open redirection in oauth
Moderate
GHSA-xm3x-4ph3-3x9c
was published
for
friendsofsymfony/oauth2-php
(Composer)
May 15, 2024
eZ Platform Admin UI is vulnerable to Cross-site Scripting (XSS)
Moderate
GHSA-w9p3-26fx-5mp3
was published
for
ezsystems/platform-ui-assets-bundle
(Composer)
May 15, 2024
Ez Platform Object Injection in legacy shop module
Moderate
GHSA-39j2-4p9j-5w4j
was published
for
ezsystems/ezpublish-legacy
(Composer)
May 15, 2024
An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-34906
was published
May 15, 2024
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has...
Moderate
Unreviewed
CVE-2024-4911
was published
May 15, 2024
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to...
Moderate
Unreviewed
CVE-2024-34913
was published
May 15, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a...
Moderate
Unreviewed
CVE-2024-4950
was published
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API