Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

516 advisories

Loading
Moodle Blind SSRF Risk in /badges/mybackpack.php Critical
CVE-2019-3809 was published for moodle/moodle (Composer) May 13, 2022
Moodle SQL injection via user preferences Critical
CVE-2017-2641 was published for moodle/moodle (Composer) May 17, 2022
Moodle remote code execution Critical
CVE-2022-40314 was published for moodle/moodle (Composer) Oct 1, 2022
Moodle Minor SQL injection risk in admin user browsing Critical
CVE-2022-40315 was published for moodle/moodle (Composer) Oct 1, 2022
phpMyAdmin SQL injection vulnerability Critical
CVE-2020-26935 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
phpMyAdmin SQL injection in Designer feature Critical
CVE-2019-11768 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Moodle command execution vulnerability exists in the default legacy spellchecker plugin Critical
CVE-2021-21809 was published for moodle/moodle (Composer) May 24, 2022
phpMyAdmin unsanitized Git information Critical
CVE-2019-19617 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header Critical
CVE-2020-13485 was published for verbb/knock-knock (Composer) May 24, 2022
qcubed SQL injection vulnerability in profile.php via the strQuery parameter Critical
CVE-2020-24913 was published for qcubed/qcubed (Composer) May 24, 2022
qcubed PHP object injection Critical
CVE-2020-24914 was published for qcubed/qcubed (Composer) May 24, 2022
phpMyAdmin SQL injection in Designer feature Critical
CVE-2019-6798 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin Improper Privilege Management Critical
CVE-2017-18264 was published for phpmyadmin/phpmyadmin (Composer) May 13, 2022
yii2-redis Potential Remote code execution Critical
CVE-2018-8073 was published for yiisoft/yii2-redis (Composer) May 14, 2022
Dolibarr remote PHP code execution Critical
CVE-2021-33816 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr SQL injection via the integer parameters qty and value_unit Critical
CVE-2018-16809 was published for dolibarr/dolibarr (Composer) May 14, 2022
Yii SQL injection vulnerability Critical
CVE-2018-7269 was published for yiisoft/yii2-dev (Composer) May 24, 2022
NukeViet SQL Injection vulnerability Critical
CVE-2020-21809 was published for nukeviet/nukeviet (Composer) May 24, 2022
NukeViet SQL Injection vulnerability via topicsid parameter Critical
CVE-2020-21808 was published for nukeviet/nukeviet (Composer) May 24, 2022
php-shellcommand command injection vulnerability Critical
CVE-2019-10774 was published for mikehaertl/php-shellcommand (Composer) May 24, 2022
Dolibarr Cross-site Scripting via the qty parameter in product/fournisseurs.php Critical
CVE-2019-19212 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr Improper Restriction of Excessive Authentication Attempts Critical
CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr SQL injection vulnerability in fourn/index.php Critical
CVE-2017-17900 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in adherents/subscription/info.php Critical
CVE-2017-17899 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in comm/multiprix.php Critical
CVE-2017-17897 was published for dolibarr/dolibarr (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database