Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,870 advisories

Loading
phpMyAdmin Cross-site Scripting vulnerability Low
CVE-2011-4782 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin vulnerable to Cross-site Scripting Low
CVE-2011-4634 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Joomla! vulnerable to Cross-site Scripting Low
CVE-2011-4332 was published for joomla/joomla-cms (Composer) May 17, 2022
Webkit PDFs for TYPO3 allows remote attackers to execute arbitrary commands High
CVE-2010-4962 was published for dmk/webkitpdf (Composer) May 17, 2022
Webkit PDFs for TYPO3 has SQL Injection vulnerability High
CVE-2010-4961 was published for dmk/webkitpdf (Composer) May 17, 2022
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2011-2509 was published for joomla/joomla-cms (Composer) May 14, 2022
phpMyAdmin Directory Traversal vulnerability High
CVE-2011-2508 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file Moderate
CVE-2011-0986 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information High
CVE-2010-4481 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
powermail extension for TYPO3 vulnerable to SQL Injection High
CVE-2010-3604 was published for in2code/powermail (Composer) May 17, 2022
EGroupware Code Injection vulnerability High
CVE-2010-3313 was published for egroupware/egroupware (Composer) May 17, 2022
MantisBT Cross-site Scripting vulnerability Low
CVE-2010-2574 was published for mantisbt/mantisbt (Composer) May 14, 2022
Commerce extension for TYPO3 vulnerable to Cross-site Scripting Low
CVE-2009-4963 was published for commerceteam/commerce (Composer) May 2, 2022
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2010-1649 was published for joomla/joomla-cms (Composer) May 14, 2022
Moodle doesn't properly check role Low
CVE-2010-1617 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to SQL injection High
CVE-2010-1615 was published for moodle/moodle (Composer) May 13, 2022
Piwik (now Matomo) Vulnerable to Cross-Site Scripting (XSS) Low
CVE-2013-1844 was published for matomo/matomo (Composer) May 13, 2022
Piwik (now Matomo) Reveals Sensitive Information by Accepting Input from `POST` Requests Moderate
CVE-2013-2633 was published for matomo/matomo (Composer) May 13, 2022
Piwik (now Matomo) Vulnerable to Arbitrary Code Execution Moderate
CVE-2011-4941 was published for matomo/matomo (Composer) May 13, 2022
Concrete5 Vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2012-5181 was published for concrete5/concrete5 (Composer) May 17, 2022
phpMyAdmin Vulnerable to Cross-Site Scripting Low
CVE-2011-1940 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1619 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1614 was published for moodle/moodle (Composer) May 13, 2022
Moodle Session Fixation vulnerability Moderate
CVE-2010-1613 was published for moodle/moodle (Composer) May 13, 2022
SilverStripe vulnerable to Cross-site Scripting Low
CVE-2010-1593 was published for silverstripe/cms (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database