GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,227
Composer 3,941
Erlang 29
GitHub Actions 16
Go 1,722
Maven 4,952
npm 3,481
NuGet 605
pip 3,049
Pub 10
RubyGems 832
Rust 778
Swift 34

Unreviewed advisories

All unreviewed 219,149

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

19,227 advisories

Filter by severity

Sort by

Least recently updated

ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags` Moderate

GHSA-gwpm-pm6x-h7rj was published for zendframework/zendframework1 (Composer) Jun 7, 2024

aimeos-core arbitrary file uopload vulnerability High

CVE-2024-36811 was published for aimeos/aimeos-core (Composer) Jun 7, 2024

ebookmeta XML External Entity vulnerability Critical

CVE-2024-37388 was published for ebookmeta (pip) Jun 7, 2024

ebookmeta XML External Entity vulnerability High

CVE-2024-36827 was published for ebookmeta (pip) Jun 7, 2024

Zend-Session session validation vulnerability Moderate

GHSA-96c6-m98x-hxjx was published for zendframework/zend-session (Composer) Jun 7, 2024

ZendFramework Potential Cross-site Scripting in Development Environment Error View Script Moderate

GHSA-g52p-86j5-xr8q was published for zendframework/zendframework1 (Composer) Jun 7, 2024

Zend-Mail remote code execution in zend-mail via Sendmail adapter High

GHSA-cxf7-m5g2-v594 was published for zendframework/zend-mail (Composer) Jun 7, 2024

ZendFramework potential XML eXternal Entity injection vectors Critical

GHSA-mhpx-3rv8-wrjm was published for zendframework/zendframework1 (Composer) Jun 7, 2024

ZendFramework potential XML eXternal Entity injection vectors High

GHSA-4j9x-g4x8-vcmf was published for zendframework/zendframework1 (Composer) Jun 7, 2024

ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings Moderate

GHSA-hg35-vqp3-fv39 was published for zendframework/zendframework1 (Composer) Jun 7, 2024

ZendFramework potential SQL Injection Vector When Using PDO_MySql Critical

GHSA-qf36-fx9f-232x was published for zendframework/zendframework1 (Composer) Jun 7, 2024

ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor` Moderate

GHSA-j543-vg33-g6vj was published for zendframework/zendframework1 (Composer) Jun 7, 2024

ZendFramework vulnerable to XXE/XEE attacks Critical

GHSA-f4fj-q6m4-cc52 was published for zendframework/zend-xmlrpc (Composer) Jun 7, 2024

ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()` High

GHSA-hx3m-959f-v849 was published for zendframework/zendframework1 (Composer) Jun 7, 2024

ZendFramework has potential Cross-site Scripting vector in multiple view helpers Moderate

GHSA-m7hr-j867-3f34 was published for zendframework/zend-view (Composer) Jun 7, 2024

Zendframework URL Rewrite vulnerability Moderate

GHSA-fh7r-58q4-6387 was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework vulnerable to Cross-site Scripting Moderate

GHSA-5gmf-3c43-q73v was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework potential remote code execution in zend-mail via Sendmail adapter Moderate

GHSA-gff2-p6vm-3p8g was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework Potential Proxy Injection Vulnerabilities Moderate

GHSA-mg7h-9qfx-4r83 was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework Information Disclosure and Insufficient Entropy vulnerability Moderate

GHSA-2fhr-8r8r-qp56 was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations High

GHSA-x2f4-8wxf-w3vf was published for zendframework/zendframework (Composer) Jun 7, 2024

Zendframework vulnerable to XXE/XEE attacks Critical

GHSA-qc7w-4567-84wv was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities High

GHSA-xg9w-r469-m455 was published for zendframework/zendframework (Composer) Jun 7, 2024

Zendframework session validation vulnerability Moderate

GHSA-62f6-h68r-3jpw was published for zendframework/zendframework (Composer) Jun 7, 2024

ZendFramework Route Parameter Injection Via Query String in `Zend\Mvc` High

GHSA-jq87-2wxp-8349 was published for zendframework/zendframework (Composer) Jun 7, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

19,227 advisories