Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,110
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

515 advisories

Loading
Centreon RCE Vulnerability Critical
CVE-2018-11587 was published for centreon/centreon (Composer) May 14, 2022
SQL injection in moodle Critical
CVE-2022-30599 was published for moodle/moodle (Composer) May 19, 2022
Incorrect Calculation in moodle Critical
CVE-2022-30600 was published for moodle/moodle (Composer) May 19, 2022
ADOdb Library SQL Injection Critical
CVE-2016-7405 was published for adodb/adodb-php (Composer) May 17, 2022
October CMS Session ID not invalidated after logout Critical
CVE-2021-3311 was published for october/rain (Composer) Feb 10, 2021
Apache Solr for TYPO3 (solr) extension is vulnerable to Insecure Unserialize Critical
CVE-2013-6288 was published for apache-solr-for-typo3/solr (Composer) May 17, 2022
Incorrect Access Control in Ignition Critical
CVE-2021-43996 was published for facade/ignition (Composer) Nov 19, 2021
Access control issue in ezsystems/ezpublish-kernel Critical
CVE-2022-48367 was published for ezsystems/ezpublish-kernel (Composer) Mar 12, 2023
CodeIgniter and Kohana vulnerable to PHP Object Injection Critical
CVE-2014-8684 was published for codeigniter/framework (Composer) May 17, 2022
SEOmatic for CraftCMS allows Server-Side Template Injection Critical
CVE-2020-9757 was published for nystudio107/craft-seomatic (Composer) May 24, 2022
Pimcore 2FA Vulnerable to Brute Forcing Critical
CVE-2019-18985 was published for pimcore/pimcore (Composer) May 24, 2022
slub_events for Typo3 Arbitrary File Upload Critical
CVE-2019-16700 was published for slub/slub-events (Composer) May 24, 2022
Dolibarr ERP and CRM Insecure Encryption Critical
CVE-2017-7888 was published for dolibarr/dolibarr (Composer) May 17, 2022
phpMyAdmin Authentication Bypass Critical
CVE-2016-6629 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Dolibarr ERP and CRM SQLi Critical
CVE-2017-9435 was published for dolibarr/dolibarr (Composer) May 17, 2022
Elefant CMS Code Execution Vulnerability Critical
CVE-2018-16974 was published for elefant/cms (Composer) May 14, 2022
Elefant CMS Improper Input Validation Critical
CVE-2018-15601 was published for elefant/cms (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18529 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18546 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18530 was published for topthink/framework (Composer) May 14, 2022
Spoon Library as used in Fork CMS allows PHP object injection Critical
CVE-2019-15521 was published for spoon/library (Composer) May 24, 2022
LibreNMS Information Disclosure Critical
CVE-2019-10665 was published for librenms/librenms (Composer) May 24, 2022
ShopXO RCE Vulnerability Critical
CVE-2021-27817 was published for shopxo/shopxo (Composer) May 24, 2022
Moodle vulnerable to RCE via unsafe deserialization Critical
CVE-2021-3943 was published for moodle/moodle (Composer) Nov 23, 2021
Path Traversal in Studio-42 elFinder through 2.1.60 Critical
CVE-2022-26960 was published for studio-42/elfinder (Composer) Mar 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database