GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
37 advisories
Cross-Site Scripting in Fluid view helpers
Moderate: CVE-2020-26227 was published for typo3/cms (Composer), Dec 21, 2020

Cleartext storage of session identifier
High: CVE-2020-26228 was published for typo3/cms (Composer), Nov 23, 2020

Cross-site Scripting vulnerability in Kitodo.Presentation
Moderate: CVE-2020-16095 was published for kitodo/presentation (Composer), Jul 31, 2020

Exposure of Sensitive Information to an Unauthorized Actor in TYPO3 CMS
High: CVE-2020-15099 was published for typo3/cms (Composer), Jul 29, 2020

Missing Required Cryptographic Step Leading to Sensitive Information Disclosure in TYPO3 CMS
High: CVE-2020-15098 was published for typo3/cms (Composer), Jul 29, 2020

Potential Remote Code Execution in TYPO3 with mediace extension
Critical: CVE-2020-15086 was published for friendsoftypo3/mediace (Composer), Jul 29, 2020

Backend Same-Site Request Forgery in TYPO3 CMS
High: CVE-2020-11069 was published for typo3/cms (Composer), May 13, 2020

Insecure Deserialization in Backend User Settings in TYPO3 CMS
High: CVE-2020-11067 was published for typo3/cms (Composer), May 13, 2020

Class destructors causing side-effects when being unserialized in TYPO3 CMS
High: CVE-2020-11066 was published for typo3/cms (Composer), May 13, 2020

Cross-Site Scripting in TYPO3 CMS Link Handling
Moderate: CVE-2020-11065 was published for typo3/cms (Composer), May 13, 2020

Information Disclosure in Password Reset
Low: CVE-2020-11063 was published for typo3/cms (Composer), May 13, 2020

XSS in enshrined/svg-sanitize due to mishandled script and data values in attributes
High: CVE-2019-18857 was published for enshrined/svg-sanitize (Composer), Jan 8, 2020

ProTip! Advisories are also available from the GraphQL API