Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

18 advisories

Loading
Information exposure via query strings in URL Low
GHSA-cq6h-w3mc-57f4 was published for shopware/core (Composer) Dec 21, 2020
User (Encrypted) Password Field Being Serialised Low
GHSA-7fjp-g4m7-fx23 was published for pwweb/laravel-core (Composer) Apr 13, 2021
User enumeration in authentication mechanisms Low
GHSA-g2qj-pmxm-9f8f was published for symfony/security-http (Composer) May 17, 2021
User enumeration in authentication mechanisms Low
GHSA-2frx-j9hj-6c65 was published for lexik/jwt-authentication-bundle (Composer) May 17, 2021
mbrodala chalasr
Discoverability of user password hash in Statamic CMS Low
CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022
Twig Sandbox Information Disclosure Low
CVE-2019-9942 was published for twig/twig (Composer) Mar 26, 2022
Information Disclosure due to Out-of-scope Site Resolution Low
CVE-2023-38499 was published for typo3/cms-core (Composer) Jul 25, 2023
fe-hicking ohader
bnf
Information Disclosure in typo3/cms-install tool Low
CVE-2023-47126 was published for typo3/cms-install (Composer) Nov 14, 2023
liayn
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability Low
CVE-2023-5551 was published for moodle/moodle (Composer) Nov 9, 2023
Magento Information Disclosure vulnerability Low
CVE-2021-28566 was published for magento/community-edition (Composer) May 24, 2022
Magento information disclosure vulnerability Low
CVE-2020-24406 was published for magento/community-edition (Composer) May 24, 2022
Typo3 Backend Configuration XSS Vulnerability Low
CVE-2012-3529 was published for typo3/cms (Composer) May 17, 2022
Moodle's login_as feature leaks information from external repositories Low
CVE-2013-1835 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Information disclosure of source code in SimpleSAMLphp Low
CVE-2020-5301 was published for simplesamlphp/simplesamlphp (Composer) Apr 22, 2020
slawn
Kimai information disclosure vulnerability Low
CVE-2024-4596 was published for kimai/kimai (Composer) May 7, 2024
Password hash exposed in CraftCMS two factor authentication plugin Low
CVE-2024-5657 was published for born05/craft-twofactorauthentication (Composer) Jun 6, 2024
Moodle has user information visibility control issues in gradebook reports Low
CVE-2024-43429 was published for moodle/moodle (Composer) Nov 11, 2024
Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient Low
CVE-2024-50342 was published for symfony/http-client (Composer) Nov 6, 2024
nicolas-grekas zozs
cs278
ProTip! Advisories are also available from the GraphQL API