Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,300
NuGet
760
pip
4,078
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,868 advisories

Loading
Cross-site Scripting in microweber Moderate
CVE-2022-0558 was published for microweber/microweber (Composer) Feb 11, 2022
Path Traversal in S-Cart Moderate
CVE-2021-44111 was published for s-cart/s-cart (Composer) Feb 12, 2022
Incorrect Authorization in Drupal core Moderate
CVE-2020-13676 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
Credited to tdunlap607
Cross-site Scripting in Drupal Core Moderate
CVE-2020-13668 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
Credited to tdunlap607
Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor Moderate
CVE-2020-13669 was published for drupal/core (Composer) Feb 12, 2022
Drupal core Cross-site Scripting (XSS) vulnerability Moderate
CVE-2020-13672 was published for drupal/core (Composer) Feb 12, 2022
Cross-Site Request Forgery in Drupal core Moderate
CVE-2020-13674 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
Credited to tdunlap607
Open redirect in microweber Moderate
CVE-2022-0560 was published for microweber/microweber (Composer) Feb 12, 2022
Cross-site Scripting in enshrined/svg-sanitize Moderate
CVE-2022-23638 was published for enshrined/svg-sanitize (Composer) Feb 14, 2022
zcorpan ohader
Credited to zcorpan and ohader
Improper Privilege Management in Snipe-IT Moderate
CVE-2022-0579 was published for snipe/snipe-it (Composer) Feb 15, 2022
Exposure of Sensitive Information to an Unauthorized Actor in pimcore Moderate
CVE-2022-0565 was published for pimcore/pimcore (Composer) Feb 15, 2022
Exposure of Sensitive Information in snipe/snipe-it Moderate
CVE-2022-0569 was published for snipe/snipe-it (Composer) Feb 15, 2022
Cross-site Scripting in librenms Moderate
CVE-2022-0576 was published for librenms/librenms (Composer) Feb 15, 2022
Cross-site Scripting in librenms Moderate
CVE-2022-0575 was published for librenms/librenms (Composer) Feb 15, 2022
Microweber vulnerable to Improper Validation of Specified Quantity in Input Moderate
CVE-2022-0596 was published for microweber/microweber (Composer) Feb 16, 2022
Open redirect in microweber Moderate
CVE-2022-0597 was published for microweber/microweber (Composer) Feb 16, 2022
Cross-site Scripting in librenms Moderate
CVE-2022-0589 was published for librenms/librenms (Composer) Feb 16, 2022
Exposure of Sensitive Information to an Unauthorized Actor in librenms Moderate
CVE-2022-0588 was published for librenms/librenms (Composer) Feb 16, 2022
Cross-site Scripting in livehelperchat Moderate
CVE-2022-0612 was published for remdex/livehelperchat (Composer) Feb 17, 2022
Cross-Site Request Forgery microweber Moderate
CVE-2022-0638 was published for microweber/microweber (Composer) Feb 18, 2022
Incorrect authorization in Drupal core Moderate
CVE-2022-25270 was published for drupal/core (Composer) Feb 18, 2022
Crypt_GPG does not prevent additional options in GPG calls Moderate
CVE-2022-24953 was published for pear/crypt_gpg (Composer) Feb 18, 2022
Generation of Error Message Containing Sensitive Information in Snipe-IT Moderate
CVE-2022-0622 was published for snipe/snipe-it (Composer) Feb 18, 2022
Exposure of Resource to Wrong Sphere in ezsystems/ezplatform-kernel Moderate
CVE-2022-25336 was published for ezsystems/ezplatform-kernel (Composer) Feb 19, 2022
Business Logic Errors in microweber Moderate
CVE-2022-0689 was published for microweber/microweber (Composer) Feb 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database