GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
515 advisories
elFinder before 2.1.59 contains multiple vulnerabilities leading to RCE
Critical
CVE-2021-32682
was published
for
studio-42/elfinder
(Composer)
Jun 16, 2021
XSS vulnerability with translator
Critical
CVE-2021-32671
was published
for
flarum/core
(Composer)
Jun 7, 2021
Improper Certificate Validation in WP-CLI framework
Critical
CVE-2021-29504
was published
for
wp-cli/wp-cli
(Composer)
May 19, 2021
Insecure Deserialization of untrusted data in rmccue/requests
Critical
CVE-2021-29476
was published
for
rmccue/requests
(Composer)
Apr 29, 2021
PHP Code Injection by malicious function name in smarty
Critical
CVE-2021-26120
was published
for
smarty/smarty
(Composer)
Feb 26, 2021
Steam Socialite Provider v1 does not correctly validate openid server
Critical
GHSA-hhw9-35p2-q2c5
was published
for
socialiteproviders/steam
(Composer)
Jan 29, 2021
XSS vulnerability leveraged through referrers could allow un-authorized admin access in Mautic
Critical
CVE-2020-35124
was published
for
mautic/core
(Composer)
Jan 19, 2021
Remote Code Execution in SyliusResourceBundle
Critical
CVE-2020-15146
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Potential Remote Code Execution in TYPO3 with mediace extension
Critical
CVE-2020-15086
was published
for
friendsoftypo3/mediace
(Composer)
Jul 29, 2020
Potential Code Injection in Sprout Forms
Critical
CVE-2020-11056
was published
for
barrelstrength/sprout-base-email
(Composer)
May 8, 2020
ProTip!
Advisories are also available from the
GraphQL API