Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

52 advisories

Loading
Livewire Remote Code Execution on File Uploads High
CVE-2024-47823 was published for livewire/livewire (Composer) Oct 8, 2024
angelej RChutchev
Arbitrary File Creation in opencart High
CVE-2024-21519 was published for opencart/opencart (Composer) Jun 22, 2024
Moodle ReCAPTCHA can be bypassed on the login page High
CVE-2024-34009 was published for moodle/moodle (Composer) May 31, 2024
Moodle Improper Input Validation High
CVE-2024-33999 was published for moodle/moodle (Composer) May 31, 2024
TYPO3 Arbitrary Shell Execution in Swiftmailer library High
GHSA-45xg-4w5x-j429 was published for typo3/cms (Composer) May 30, 2024
silverstripe/framework has possible denial of service attack vector when flushing High
GHSA-cwgq-83w5-8jfq was published for silverstripe/framework (Composer) May 28, 2024
Froxlor username/surname AND company field Bypass High
CVE-2023-50256 was published for froxlor/froxlor (Composer) Jan 4, 2024
ahmedvienna
PrestaShop some attribute not escaped in Validate::isCleanHTML method High
CVE-2024-21627 was published for prestashop/prestashop (Composer) Jan 3, 2024
Antonio-R1 antoniospataro
matthieu-rolland AureRita boherm matks
Dolibarr Improper Input Validation vulnerability High
CVE-2023-4197 was published for dolibarr/dolibarr (Composer) Nov 1, 2023
OpenCart Path Traversal vulnerability High
CVE-2023-2315 was published for opencart/opencart (Composer) Sep 27, 2023
Grav Server-side Template Injection (SSTI) via Twig Default Filters High
CVE-2023-34448 was published for getgrav/grav (Composer) Jun 16, 2023
jacobsoo
Improper input validation in Drupal core High
CVE-2022-25273 was published for drupal/core (Composer) Apr 26, 2023
HTTP Multiline Header Termination High
CVE-2023-29530 was published for laminas/laminas-diactoros (Composer) Apr 24, 2023
GrahamCampbell TimWolla
Browsershot does not validate URL protocols passed to Browsershot URL method High
CVE-2022-41706 was published for spatie/browsershot (Composer) Nov 25, 2022
tdunlap607
Magento Improper input validation vulnerability High
CVE-2022-42344 was published for magento/community-edition (Composer) Oct 20, 2022
Moodle Arbitrary file read when importing lesson questions High
CVE-2022-35650 was published for moodle/moodle (Composer) Jul 26, 2022
TYPO3 Image Processing susceptible to Code Execution High
CVE-2019-11832 was published for typo3/cms (Composer) May 24, 2022
ohader
EC-CUBE Improper input validation vulnerability High
CVE-2020-5680 was published for ec-cube/ec-cube (Composer) May 24, 2022
Moodle vulnerable to RCE High
CVE-2020-10738 was published for moodle/moodle (Composer) May 24, 2022
Froxlor arbitrary code execution via the database configuration options High
CVE-2020-10235 was published for froxlor/froxlor (Composer) May 24, 2022
Magento arbitrary PHP code execution via the productData parameter High
CVE-2015-6497 was published for magento/core (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability High
CVE-2019-7885 was published for magento/community-edition (Composer) May 24, 2022
phpBB Denial of Service High
CVE-2019-9826 was published for phpbb/phpbb (Composer) May 24, 2022
CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary code High
CVE-2010-4335 was published for cakephp/cakephp (Composer) May 17, 2022
ravage84
Drupal has open redirect vulnerability in the Overlay module High
CVE-2013-6389 was published for drupal/drupal (Composer) May 17, 2022
Rudloff
ProTip! Advisories are also available from the GraphQL API