GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,291 advisories

Contao CSRF Token Bypass High
CVE-2019-10642 was published for contao/contao (Composer) May 14, 2022
Subrion CMS vulnerable to CSRF in blog/delete High
CVE-2017-18366 was published for intelliants/subrion (Composer) May 14, 2022
Symfony CSRF Token Fixation High
CVE-2018-11406 was published for symfony/security (Composer) May 14, 2022
LibreNMS SQL Injection High
CVE-2018-20678 was published for librenms/librenms (Composer) May 14, 2022
phpMyAdmin SSRF in replication High
CVE-2017-1000017 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Moodle SSRF Vulnerability High
CVE-2019-6970 was published for moodle/moodle (Composer) May 14, 2022
phpMyAdmin DoS Vulnerability High
CVE-2017-1000018 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin DoS Vulnerability High
CVE-2017-1000014 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
GeniXCMS SQL injection vulnerability High
CVE-2017-5346 was published for genix/cms (Composer) May 14, 2022
Symfony Directory Traversal High
CVE-2017-16654 was published for symfony/intl (Composer) May 14, 2022
Subrion CMS vulnerable to CSRF in admin/blocks/add High
CVE-2017-6068 was published for intelliants/subrion (Composer) May 14, 2022
Code Injection in baserCMS High
CVE-2017-10844 was published for baserproject/basercms (Composer) May 14, 2022
Symfony Session Fixation Vulnerability High
CVE-2018-11385 was published for symfony/security (Composer) May 14, 2022
mPDF Unsafe Deserialization High
CVE-2019-1000005 was published for mpdf/mpdf (Composer) May 14, 2022
PrestaShop PHP Object Injection High
CVE-2018-20717 was published for prestashop/prestashop (Composer) May 14, 2022
Shopware SQL Injection High
CVE-2018-20713 was published for shopware/shopware (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in user/card.php High
CVE-2018-19998 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr error-based SQL injection vulnerability in product/card.php High
CVE-2018-19994 was published for dolibarr/dolibarr (Composer) May 14, 2022
Unauthenticated File Read in PHP Proxy High
CVE-2018-19458 was published for athlon1600/php-proxy-app (Composer) May 14, 2022
LFI in PHP-Proxy 5.1.0 High
CVE-2018-19246 was published for athlon1600/php-proxy (Composer) May 14, 2022
Zenario CMS vulnerable to CSRF High
CVE-2018-18420 was published for tribalsystems/zenario (Composer) May 14, 2022
QuickAppsCMS Cross-Site Request Forgery (CSRF) High
CVE-2018-17102 was published for quickapps/cms (Composer) May 14, 2022
Subrion CMS CSRF Vulnerability High
CVE-2017-15063 was published for intelliants/subrion (Composer) May 14, 2022
phpMyFAQ CSRF High
CVE-2018-16650 was published for thorsten/phpmyfaq (Composer) May 14, 2022
Twig remote code execution in templates High
CVE-2015-7809 was published for twig/twig (Composer) May 14, 2022