GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
24,687 advisories
Cross site scripting in automad/automad
Moderate
CVE-2021-37502
was published
for
automad/automad
(Composer)
Feb 3, 2023
wallabag subject to Improper Authorization via annotations
Moderate
CVE-2023-0610
was published
for
wallabag/wallabag
(Composer)
Feb 2, 2023
wallabag contains Improper Authorization via export feature
Moderate
CVE-2023-0609
was published
for
wallabag/wallabag
(Composer)
Feb 2, 2023
Broken Access Control in 3rd party TYPO3 extension "femanager"
High
CVE-2023-25013
was published
for
in2code/femanager
(Composer)
Feb 2, 2023
Broken Access Control in 3rd party TYPO3 extension "femanager"
High
CVE-2023-25014
was published
for
in2code/femanager
(Composer)
Feb 2, 2023
Switcher Client contains Regular Expression Denial of Service (ReDoS)
High
CVE-2023-23925
was published
for
switcher-client
(npm)
Feb 2, 2023
AVideo contains Command injection when embedding a video link
Critical
CVE-2023-25313
was published
for
wwbn/avideo
(Composer)
Feb 2, 2023
Django contains Uncontrolled Resource Consumption via cached header
High
CVE-2023-23969
was published
for
django
(pip)
Feb 1, 2023
Symfony storing cookie headers in HttpCache
Moderate
CVE-2022-24894
was published
for
symfony/http-kernel
(Composer)
Feb 1, 2023
Symfony vulnerable to Session Fixation of CSRF tokens
Moderate
CVE-2022-24895
was published
for
symfony/security-bundle
(Composer)
Feb 1, 2023
ProTip!
Advisories are also available from the
GraphQL API