Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,700
Maven
5,000+
npm
4,327
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,886 advisories

Loading
Cross-site Scripting in livehelperchat Moderate
CVE-2022-0374 was published for remdex/livehelperchat (Composer) Jan 28, 2022
Unrestricted Upload of File with Dangerous Type in jsdecena/laracom Moderate
CVE-2022-0472 was published for jsdecena/laracom (Composer) Feb 6, 2022
Cross-site Scripting in LiveHelperChat Moderate
CVE-2022-0395 was published for remdex/livehelperchat (Composer) Jan 29, 2022
Snipe-IT 6.0.2 vulnerable to Cross-site Scripting via arbitrary file upload in Update Branding Settings Moderate
CVE-2022-32060 was published for snipe/snipe-it (Composer) Jul 8, 2022
Cross-site Scripting in livehelperchat Moderate
CVE-2022-0370 was published for remdex/livehelperchat (Composer) Jan 28, 2022
Cross-site Scripting in pimcore Moderate
CVE-2022-0348 was published for pimcore/pimcore (Composer) Jan 28, 2022
Cross-site Scripting in livehelperchat Moderate
CVE-2022-0387 was published for remdex/livehelperchat (Composer) Jan 28, 2022
Cross-site Scripting in Crater Invoice Moderate
CVE-2022-0372 was published for bytefury/crater (Composer) Jan 28, 2022
Cross-site Scripting when rendering error messages in laminas-form Moderate
CVE-2022-23598 was published for laminas/laminas-form (Composer) Jan 28, 2022
Xerkus
Credited to Xerkus
Business Logic Errors in SilverStripe Framework Moderate
CVE-2022-0227 was published for silverstripe/framework (Composer) Feb 6, 2022
Cross-site Scripting in LiveHelperChat Moderate
CVE-2022-0394 was published for remdex/livehelperchat (Composer) Feb 1, 2022
Cross-site Scripting in Beanstalk console Moderate
CVE-2022-0501 was published for ptrofimov/beanstalk_console (Composer) Feb 6, 2022
Cross-site Scripting in LiveHelperChat Moderate
CVE-2022-0502 was published for remdex/livehelperchat (Composer) Feb 7, 2022
Open redirect in microweber Moderate
CVE-2022-0560 was published for microweber/microweber (Composer) Feb 12, 2022
Cross-site Scripting in librenms Moderate
CVE-2022-0575 was published for librenms/librenms (Composer) Feb 15, 2022
Generation of Error Message Containing Sensitive Information in microweber Moderate
CVE-2022-0504 was published for microweber/microweber (Composer) Feb 9, 2022
Cross-site Scripting in Beanstalk console Moderate
CVE-2022-0539 was published for ptrofimov/beanstalk_console (Composer) Feb 10, 2022
Cross-site Scripting in microweber Moderate
CVE-2022-0558 was published for microweber/microweber (Composer) Feb 11, 2022
Cross-site Scripting in microweber Moderate
CVE-2022-0506 was published for microweber/microweber (Composer) Feb 9, 2022
Cross-Site Request Forgery in microweber Moderate
CVE-2022-0505 was published for microweber/microweber (Composer) Feb 9, 2022
Cross-site Scripting in librenms Moderate
CVE-2022-0589 was published for librenms/librenms (Composer) Feb 16, 2022
Open redirect in microweber Moderate
CVE-2022-0597 was published for microweber/microweber (Composer) Feb 16, 2022
Cross-site Scripting in livehelperchat Moderate
CVE-2022-0612 was published for remdex/livehelperchat (Composer) Feb 17, 2022
Crypt_GPG does not prevent additional options in GPG calls Moderate
CVE-2022-24953 was published for pear/crypt_gpg (Composer) Feb 18, 2022
Path Traversal in S-Cart Moderate
CVE-2021-44111 was published for s-cart/s-cart (Composer) Feb 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database