GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4,870 advisories
Mautic vulnerable to secret data exfiltration via symfony parameters
Moderate
CVE-2021-27908
was published
for
mautic/core
(Composer)
Apr 6, 2021
Grav's Twig processing allowing dangerous PHP functions by default
High
CVE-2021-29440
was published
for
getgrav/grav
(Composer)
Apr 16, 2021
Cross-Site Scripting in Bootstrap Package
Moderate
CVE-2021-21365
was published
for
bk2k/bootstrap-package
(Composer)
Apr 29, 2021
Composer's missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial
High
CVE-2021-29472
was published
for
composer/composer
(Composer)
Apr 29, 2021
Insecure Deserialization of untrusted data in rmccue/requests
Critical
CVE-2021-29476
was published
for
rmccue/requests
(Composer)
Apr 29, 2021
Cross-site scripting (XSS) from unsanitized uploaded SVG files in Kirby
High
CVE-2021-29460
was published
for
getkirby/cms
(Composer)
Apr 30, 2021
ProTip!
Advisories are also available from the
GraphQL API