GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
15 advisories
Path manipulation in matyhtf/framework
Critical
CVE-2021-43676
was published
for
matyhtf/framework
(Composer)
Dec 4, 2021
Server-Side Request Forgery and Open Redirect in AllTube Download
High
CVE-2022-24739
was published
for
rudloff/alltube
(Composer)
Mar 9, 2022
PEAR::Archive_Tar Directory Traversal vulnerability
Critical
CVE-2006-0931
was published
for
pear/archive_tar
(Composer)
May 1, 2022
HTML Purifier Cross-site Scripting vulnerability
Moderate
CVE-2007-3498
was published
for
ezyang/htmlpurifier
(Composer)
May 1, 2022
Drupal has open redirect vulnerability in the Overlay module
High
CVE-2013-6389
was published
for
drupal/drupal
(Composer)
May 17, 2022
HTML Purifier allows remote attackers to obtain sensitive information
Moderate
CVE-2011-3744
was published
for
ezyang/htmlpurifier
(Composer)
May 17, 2022
phpBB vulnerability related to use of "forum id" in circumstances related to a "global announcement."
High
CVE-2010-1630
was published
for
phpbb/phpbb
(Composer)
May 17, 2022
phpBB 3.0.7 allows remote attackers to bypass intended access restrictions
High
CVE-2010-1627
was published
for
phpbb/phpbb
(Composer)
May 17, 2022
phpBB vulnerable to sensitive information disclosure
High
CVE-2008-6507
was published
for
phpbb/phpbb
(Composer)
May 17, 2022
phpBB Server-Side Request Forgery Vulnerability
Moderate
CVE-2020-8226
was published
for
phpbb/phpbb
(Composer)
May 24, 2022
Cross site scripting in ameos_tarteaucitron
Moderate
CVE-2022-33155
was published
for
ameos/ameos_tarteaucitron
(Composer)
Jul 13, 2022
MediaWiki Denial of Service vulnerability
High
CVE-2023-45363
was published
for
mediawiki/core
(Composer)
Oct 9, 2023
phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting
Moderate
CVE-2023-5917
was published
for
phpbb/phpbb
(Composer)
Nov 2, 2023
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
Moderate
CVE-2023-46734
was published
for
symfony/symfony
(Composer)
Nov 12, 2023
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
Moderate
CVE-2024-24815
was published
for
ckeditor/ckeditor
(Composer)
Feb 7, 2024
ProTip!
Advisories are also available from the
GraphQL API