GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,344 advisories
Filter by severity
Zend_Filter_StripTags vulnerable to Cross-site Scripting when comments allowed
Moderate
GHSA-4vf6-mq7w-3hp6
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Zend-Diactoros URL Rewrite vulnerability
Moderate
GHSA-fq4p-86hh-42v9
was published
for
zendframework/zend-diactoros
(Composer)
Jun 7, 2024
Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`
Moderate
GHSA-4v57-pwvf-x35j
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Zend-Form vulnerable to Cross-site Scripting
Moderate
GHSA-gvpp-6jrj-5pqc
was published
for
zendframework/zend-form
(Composer)
Jun 7, 2024
Zendframework Potential XSS or HTML Injection vector in Zend_Json
Moderate
GHSA-vvm3-rv48-j3g5
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework1 Potential Security Issues in Bundled Dojo Library
Moderate
GHSA-w5mj-j45q-m638
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags`
Moderate
GHSA-gwpm-pm6x-h7rj
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Zend-Session session validation vulnerability
Moderate
GHSA-96c6-m98x-hxjx
was published
for
zendframework/zend-session
(Composer)
Jun 7, 2024
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script
Moderate
GHSA-g52p-86j5-xr8q
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings
Moderate
GHSA-hg35-vqp3-fv39
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor`
Moderate
GHSA-j543-vg33-g6vj
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework has potential Cross-site Scripting vector in multiple view helpers
Moderate
GHSA-m7hr-j867-3f34
was published
for
zendframework/zend-view
(Composer)
Jun 7, 2024
Zendframework URL Rewrite vulnerability
Moderate
GHSA-fh7r-58q4-6387
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework vulnerable to Cross-site Scripting
Moderate
GHSA-5gmf-3c43-q73v
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework potential remote code execution in zend-mail via Sendmail adapter
Moderate
GHSA-gff2-p6vm-3p8g
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework Potential Proxy Injection Vulnerabilities
Moderate
GHSA-mg7h-9qfx-4r83
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework Information Disclosure and Insufficient Entropy vulnerability
Moderate
GHSA-2fhr-8r8r-qp56
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
Zendframework session validation vulnerability
Moderate
GHSA-62f6-h68r-3jpw
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
Zendframework has potential Cross-site Scripting vector in multiple view helpers
Moderate
GHSA-8q77-cv62-jj38
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
TYPO3 Denial of Service in Online Media Asset Handling
Moderate
GHSA-f3wf-q4fj-3gxf
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Information Disclosure in Install Tool
Moderate
GHSA-6487-3qvg-8px9
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Cross-Site Scripting in Frontend User Login
Moderate
GHSA-2rcw-9hrm-8q7q
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Cross-Site Scripting in Backend Modal Component
Moderate
GHSA-7q33-hxwj-7p8v
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Cross-Site Scripting in Online Media Asset Rendering
Moderate
GHSA-8m6j-p5jv-v69w
was published
for
typo3/cms
(Composer)
Jun 7, 2024
Cross-site scripting (XSS) vulnerability in Description metadata
Moderate
CVE-2024-37160
was published
for
getformwork/formwork
(Composer)
Jun 7, 2024
ProTip!
Advisories are also available from the
GraphQL API