GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
20 advisories
AVideo: Unauthenticated FFmpeg Remote Server Status Disclosure via check.ffmpeg.json.php
Moderate
CVE-2026-35450
was published
for
wwbn/avideo
(Composer)
Apr 4, 2026
AVideo: Missing Authentication in CreatePlugin list.json.php Template Affects 21 Endpoints
Moderate
CVE-2026-34732
was published
for
wwbn/avideo
(Composer)
Apr 1, 2026
AVideo: Unauthenticated Live Stream Termination via RTMP Callback on_publish_done.php
High
CVE-2026-34731
was published
for
wwbn/avideo
(Composer)
Apr 1, 2026
AVideo: Unauthenticated CDN Configuration Takeover via Empty Default Key Bypass and Mass-Assignment
High
CVE-2026-33719
was published
for
wwbn/avideo
(Composer)
Mar 25, 2026
Craft CMS: Unauthenticated Users Can Perform Restricted Project Config Sync Operations
Moderate
CVE-2026-33159
was published
for
craftcms/cms
(Composer)
Mar 24, 2026
AVideo has Unauthenticated PGP Message Decryption via Public Endpoint
Moderate
GHSA-5x2w-37xf-7962
was published
for
wwbn/avideo
(Composer)
Mar 19, 2026
AVideo affected by unauthenticated application takeover via exposed web installer on uninitialized deployments
High
CVE-2026-33038
was published
for
wwbn/avideo
(Composer)
Mar 17, 2026
AVideo has Unauthenticated IDOR - Playlist Information Disclosure
Moderate
CVE-2026-30885
was published
for
wwbn/avideo
(Composer)
Mar 7, 2026
OpenSTAManager affected by unauthenticated privilege escalation via modules/utenti/actions.php
Critical
CVE-2026-27012
was published
for
devcode-it/openstamanager
(Composer)
Mar 3, 2026
FroshAdminer Adminer UI is accessible without admin session
Moderate
CVE-2026-25878
was published
for
frosh/adminer-platform
(Composer)
Feb 10, 2026
Bagisto Missing Authentication on Installer API Endpoints
High
CVE-2026-21446
was published
for
bagisto/bagisto
(Composer)
Jan 2, 2026
Mautic has insufficient authentication in upgrade flow
Moderate
CVE-2022-25770
was published
for
mautic/core
(Composer)
Sep 18, 2024
Broken Access Control in 3rd party TYPO3 extension "femanager"
High
CVE-2023-25013
was published
for
in2code/femanager
(Composer)
Feb 2, 2023
Broken Access Control in 3rd party TYPO3 extension "femanager"
High
CVE-2023-25014
was published
for
in2code/femanager
(Composer)
Feb 2, 2023
ProTip!
Advisories are also available from the
GraphQL API