GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
530 advisories
Remote Code Execution by uploading a phar file using frontmatter
Critical
CVE-2024-27923
was published
for
getgrav/grav
(Composer)
Mar 6, 2024
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Critical
GHSA-97m3-52wr-xvv2
was published
for
phenx/php-svg-lib
(Composer)
Feb 22, 2024
Improper Certificate Validation in WP-CLI framework
Critical
CVE-2021-29504
was published
for
wp-cli/wp-cli
(Composer)
May 19, 2021
PHP Code Injection by malicious function name in smarty
Critical
CVE-2021-26120
was published
for
smarty/smarty
(Composer)
Feb 26, 2021
Remote Code Execution in SyliusResourceBundle
Critical
CVE-2020-15146
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem
Critical
CVE-2021-32708
was published
for
league/flysystem
(Composer)
Jun 29, 2021
ProTip!
Advisories are also available from the
GraphQL API