Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
Denial of Service in TYPO3 Bookmark Toolbar Low
CVE-2024-34537 was published for typo3/cms-backend (Composer) Oct 8, 2024
ohader bnf
Eichner
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration Moderate
CVE-2022-23504 was published for typo3/cms (Composer) Dec 13, 2022
ohader darth-hader
Information Disclosure in TYPO3 Page Tree Low
CVE-2024-47780 was published for typo3/cms-backend (Composer) Oct 8, 2024
ohader jpmschuler
Cross-site Scripting vulnerability in Kitodo.Presentation Moderate
CVE-2020-16095 was published for kitodo/presentation (Composer) Jul 31, 2020
ohader
TYPO3 vulnerable to Cross-Site Scripting in the ShowImageController Moderate
CVE-2024-34357 was published for typo3/cms-core (Composer) May 14, 2024
derhansen ohader
TYPO3 Image Processing susceptible to Code Execution High
CVE-2019-11832 was published for typo3/cms (Composer) May 24, 2022
ohader
TYPO3 vulnerable to Improper Access Control Persisting File Abstraction Layer Entities via Data Handler High
CVE-2024-25121 was published for typo3/cms-core (Composer) Feb 13, 2024
ohader
Path Traversal in TYPO3 File Abstraction Layer Storages Moderate
CVE-2023-30451 was published for typo3/cms-core (Composer) Feb 13, 2024
ohader bnf
Exposure of Sensitive Information to an Unauthorized Actor in TYPO3 CMS High
CVE-2020-15099 was published for typo3/cms (Composer) Jul 29, 2020
ohader
TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords Moderate
CVE-2024-25118 was published for typo3/cms-core (Composer) Feb 13, 2024
lolli42 ohader
Cross-Site Scripting via Rich-Text Content Moderate
CVE-2021-32768 was published for typo3/cms (Composer) Aug 19, 2021
sushiwushi ohader
einpraegsam
Class destructors causing side-effects when being unserialized in TYPO3 CMS High
CVE-2020-11066 was published for typo3/cms (Composer) May 13, 2020
ohader
Cross-Site-Request-Forgery in Backend High
CVE-2021-41113 was published for typo3/cms (Composer) Oct 5, 2021
sushiwushi ohader
Cleartext storage of session identifier High
CVE-2020-26228 was published for typo3/cms (Composer) Nov 23, 2020
liayn bmack
ohader
Missing Required Cryptographic Step Leading to Sensitive Information Disclosure in TYPO3 CMS High
CVE-2020-15098 was published for typo3/cms (Composer) Jul 29, 2020
ohader
Backend Same-Site Request Forgery in TYPO3 CMS High
CVE-2020-11069 was published for typo3/cms (Composer) May 13, 2020
ohader
Insecure Deserialization in Backend User Settings in TYPO3 CMS High
CVE-2020-11067 was published for typo3/cms (Composer) May 13, 2020
ohader
Cross-Site Scripting in TYPO3 CMS Link Handling Moderate
CVE-2020-11065 was published for typo3/cms (Composer) May 13, 2020
josefglatz ohader
Potential Remote Code Execution in TYPO3 with mediace extension Critical
CVE-2020-15086 was published for friendsoftypo3/mediace (Composer) Jul 29, 2020
ohader
Cross-site Scripting in enshrined/svg-sanitize Moderate
CVE-2022-23638 was published for enshrined/svg-sanitize (Composer) Feb 14, 2022
zcorpan ohader
Cleartext storage of session identifier Moderate
CVE-2021-21339 was published for typo3/cms (Composer) Mar 23, 2021
ohader
Unrestricted File Upload in Form Framework High
CVE-2021-21355 was published for typo3/cms (Composer) Mar 23, 2021
smichaelsen ohader
marclindemann vertexvaar sushiwushi waldhacker1
Cross-Site Scripting in Fluid view helpers Moderate
CVE-2020-26227 was published for typo3/cms (Composer) Dec 21, 2020
ohader
TYPO3 vulnerable to Weak Authentication in Session Handling Moderate
CVE-2023-47127 was published for typo3/cms-core (Composer) Nov 14, 2023
dogawaf bnf
ohader
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer Moderate
CVE-2023-47125 was published for typo3/html-sanitizer (Composer) Nov 14, 2023
Yaniv-git nielsdos
ohader
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database