GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19,708 advisories
PheonixAppAPI has visible Encoding Maps
Moderate
CVE-2024-41951
was published
for
PheonixAppAPI
(pip)
Jul 31, 2024
ZITADEL "ignoring unknown usernames" vulnerability
Moderate
CVE-2024-41952
was published
for
github.com/zitadel/zitadel
(Go)
Jul 31, 2024
ZITADEL has improper HTML sanitization in emails and Console UI
Moderate
CVE-2024-41953
was published
for
github.com/zitadel/zitadel
(Go)
Jul 31, 2024
eZ Platform Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Moderate
GHSA-gc5h-6jx9-q2qh
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
Jul 31, 2024
Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Moderate
CVE-2024-39318
was published
for
ibexa/admin-ui
(Composer)
Jul 31, 2024
XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
Moderate
CVE-2024-37900
was published
for
org.xwiki.platform:xwiki-platform-web-war
(Maven)
Jul 31, 2024
The fuels-ts typescript SDK has no awareness of to-be-spent transactions
Low
CVE-2024-41945
was published
for
@fuel-ts/account
(npm)
Jul 30, 2024
pREST vulnerable to jwt bypass + sql injection
Critical
GHSA-wm25-j4gw-6vr3
was published
for
github.com/prest/prest
(Go)
Jul 30, 2024
Pimcore vulnerable to disclosure of system and database information behind /admin firewall
Moderate
CVE-2024-41109
was published
for
pimcore/admin-ui-classic-bundle
(Composer)
Jul 30, 2024
ProTip!
Advisories are also available from the
GraphQL API