GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,291 advisories
phpMyAdmin DoS Vulnerability
High | CVE-2016-9863 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

phpMyAdmin Bypass white-list protection for URL redirection
High | CVE-2016-9861 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension
High | CVE-2016-6633 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

Dolibarr ERP and CRM Unsafe File Upload Vulnerability
High | CVE-2017-9840 was published for dolibarr/dolibarr (Composer) | May 17, 2022

Zend Framework CSRF Vulnerability
High | CVE-2015-1786 was published for zendframework/zendframework (Composer) | May 17, 2022

MODX Revolution Directory Traversal Vulnerability
High | CVE-2017-9067 was published for modx/revolution (Composer) | May 17, 2022

MODX Revolution allows overwriting .htaccess
High | CVE-2017-9069 was published for modx/revolution (Composer) | May 17, 2022

CSRF in baserCMS 3.0.10 and earlier
High | CVE-2016-4881 was published for baserproject/basercms (Composer) | May 17, 2022

baserCMS Cross Site Request Forgery vulnerability
High | CVE-2016-4878 was published for baserproject/basercms (Composer) | May 17, 2022

GeniXCMS SQL injection vulnerability
High | CVE-2016-10096 was published for genix/cms (Composer) | May 17, 2022

Extbase for TYPO3 allows RCE
High | CVE-2016-5091 was published for typo3/cms-extbase (Composer) | May 17, 2022

getID3 is vulnerable to XML External Entity (XXE)
High | CVE-2014-2053 was published for james-heinrich/getid3 (Composer) | May 17, 2022

Symfony Vulnerable to Timing Attack
High | CVE-2015-8125 was published for symfony/form (Composer) | May 17, 2022

phpMyAdmin allows remote attackers to spoof content via the url parameter
High | CVE-2015-7873 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

Slim vulnerable to PHP object injection
High | CVE-2015-2171 was published for slim/slim (Composer) | May 17, 2022

Moodle Unrestricted file upload vulnerability
High | CVE-2016-9187 was published for moodle/moodle (Composer) | May 17, 2022

Drupal Incorrect cache context on password reset page
High | CVE-2016-9450 was published for drupal/core (Composer) | May 17, 2022

Drupal Saving user accounts can sometimes grant the user all roles
High | CVE-2016-6211 was published for drupal/core (Composer) | May 17, 2022

phpMyAdmin Cryptographic Vulnerability
High | CVE-2016-1927 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

Doctrine Security Misconfiguration Vulnerability
High | CVE-2015-5723 was published for aws/aws-sdk-php (Composer) | May 17, 2022

PHP OpenID Library Denial of Service vulnerability
High | CVE-2013-4701 was published for openid/php-openid (Composer) | May 17, 2022

Symfony Cryptographic Vulnerability
High | CVE-2016-1902 was published for symfony/security (Composer) | May 17, 2022

Symphony Denial of Service Via Overlong Usernames
High | CVE-2016-4423 was published for symfony/security (Composer) | May 17, 2022

Drupal arbitrary code execution
High | CVE-2016-3171 was published for drupal/core (Composer) | May 17, 2022

ProTip! Advisories are also available from the GraphQL API.