Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,700
Maven
5,000+
npm
4,327
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,886 advisories

Loading
Moodle Cross-site Scripting vulnerability Moderate
CVE-2023-23921 was published for moodle/moodle (Composer) Feb 17, 2023
Moodle Cross-site Scripting vulnerability Moderate
CVE-2023-23922 was published for moodle/moodle (Composer) Feb 17, 2023
Pimcore vulnerable to Cross Site Scripting in Documents Link Editable Moderate
CVE-2023-1115 was published for pimcore/pimcore (Composer) Mar 1, 2023
Pimcore vulnerable to Cross Site Scripting in image/video thumbnail config Moderate
CVE-2023-1117 was published for pimcore/pimcore (Composer) Mar 1, 2023
Pimcore vulnerable to Cross Site Scripting in Email Blacklist Moderate
CVE-2023-1116 was published for pimcore/pimcore (Composer) Mar 1, 2023
0xy37 ahmedvienna
Credited to 0xy37 and ahmedvienna
Microweber Cross-site Scripting vulnerability Moderate
CVE-2023-1081 was published for microweber/microweber (Composer) Feb 28, 2023
Craft CMS Stored Cross-site Scripting Injection Vulnerability Moderate
CVE-2023-23927 was published for craftcms/cms (Composer) Mar 3, 2023
gabriel-vernilo brandonkelly
Credited to gabriel-vernilo and brandonkelly
Open Redirect in Grav Moderate
CVE-2020-11529 was published for getgrav/grav (Composer) Jan 7, 2022
Wallabag Improper Authorization vulnerability Moderate
CVE-2023-0734 was published for wallabag/wallabag (Composer) Mar 5, 2023
uvdesk/community-skeleton vulnerable to Stored Cross-site Scripting Moderate
CVE-2023-1197 was published for uvdesk/community-skeleton (Composer) Mar 6, 2023
Moodle has Incorrect Default Permissions Moderate
CVE-2021-36400 was published for moodle/moodle (Composer) Mar 7, 2023
Moodle vulnerable to Stored Cross-site Scripting Moderate
CVE-2021-36401 was published for moodle/moodle (Composer) Mar 7, 2023
Moodle Cross-site Scripting vulnerability Moderate
CVE-2021-36399 was published for moodle/moodle (Composer) Mar 7, 2023
Moodle Cross-site Scripting vulnerability Moderate
CVE-2021-36398 was published for moodle/moodle (Composer) Mar 7, 2023
Moodle has Incorrect Default Permissions Moderate
CVE-2021-36397 was published for moodle/moodle (Composer) Mar 7, 2023
Possible CSRF token fixation Moderate
CVE-2023-25170 was published for prestashop/prestashop (Composer) Mar 13, 2023
Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files Moderate
CVE-2023-27577 was published for flarum/core (Composer) Mar 13, 2023
Moodle has a Hidden Functionality vulnerability Moderate
CVE-2021-36403 was published for moodle/moodle (Composer) Mar 7, 2023
Moodle Improper Input Validation vulnerability Moderate
CVE-2021-36402 was published for moodle/moodle (Composer) Mar 7, 2023
Cockpit Uses Platform-Dependent Third Party Components Moderate
CVE-2023-1160 was published for cockpit-hq/cockpit (Composer) Mar 3, 2023
pimcore is vulnerable to cross-site scripting Moderate
CVE-2023-1312 was published for pimcore/pimcore (Composer) Mar 10, 2023
Cross-site Scripting (XSS) in pimcore/pimcore Moderate
CVE-2023-1286 was published for pimcore/pimcore (Composer) Mar 9, 2023
Cross-site Scripting (XSS) - stored in Print Documents Moderate
GHSA-rrwm-8wqm-gwgv was published for pimcore/pimcore (Composer) Mar 16, 2023
vishnuraj-r
Credited to vishnuraj-r
Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field Moderate
CVE-2023-28429 was published for pimcore/pimcore (Composer) Mar 20, 2023
Pimcore Remote Code Execution vulnerability in Search function Moderate
CVE-2023-1578 was published for pimcore/pimcore (Composer) Mar 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database