GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,291 advisories
Magento 2 Community Edition RCE Vulnerability
High | CVE-2019-7932 was published for magento/community-edition (Composer) | May 24, 2022
Magento 2 Community Edition Session Fixation Check
High | CVE-2019-7849 was published for magento/community-edition (Composer) | May 24, 2022
Magento 2 Community Edition Server-Side Request Forgery vulnerability
High | CVE-2019-7911 was published for magento/community-edition (Composer) | May 24, 2022
PEAR::Auth potential authentication bypass vulnerability
High | CVE-2006-0868 was published for pear/auth (Composer) | May 1, 2022
phpMyAdmin unsafely handles temporary files
High | CVE-2008-7252 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022
Drupal Node Validation Bypass in the node module API
High | CVE-2008-4793 was published for drupal/drupal (Composer) | May 17, 2022
Composer code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php
High | CVE-2024-24821 was published for composer/composer (Composer) | Feb 8, 2024
Joomla! Open Redirect vulnerability
High | CVE-2008-3227 was published for joomla/framework (Composer) | May 1, 2022
TYPO3 Backend Command Injection via Shell Metacharacters in Uploaded File Name
High | CVE-2009-3631 was published for typo3/cms-backend (Composer) | May 2, 2022
Symfony Cryptographic Vulnerability
High | CVE-2016-1902 was published for symfony/security (Composer) | May 17, 2022
Symfony CSRF Token Fixation
High | CVE-2018-11406 was published for symfony/security (Composer) | May 14, 2022
Symfony Session Fixation Vulnerability
High | CVE-2018-11385 was published for symfony/security (Composer) | May 14, 2022
Arbitrary Code Execution in Processwire
High | CVE-2023-24676 was published for processwire/processwire (Composer) | Jan 24, 2024
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
High | CVE-2010-3714 was published for typo3/cms (Composer) | May 17, 2022
TYPO3 SQL injection vulnerability on the backend
High | CVE-2010-3662 was published for typo3/cms-backend (Composer) | Apr 21, 2022
Symfony Arbitrary PHP code Execution
High | CVE-2013-1397 was published for symfony/symfony (Composer) | May 17, 2022
Symfony collectionCascaded and collectionCascadedDeeply fields security bypass
High | CVE-2013-4751 was published for symfony/symfony (Composer) | May 5, 2022
Zend Framework CSRF Vulnerability
High | CVE-2015-1786 was published for zendframework/zendframework (Composer) | May 17, 2022
Cross-Site Scripting through Fluid view helper arguments
High | CVE-2020-26216 was published for typo3fluid/fluid (Composer) | Nov 18, 2020
Unsafe deserialization in Yii 2
High | CVE-2020-15148 was published for yiisoft/yii2 (Composer) | Sep 15, 2020
Typo3 Vulnerable to Insecure Deserialization
High | CVE-2019-12747 was published for typo3/cms (Composer) | May 24, 2022
Smarty Path Traversal Vulnerability
High | CVE-2018-13982 was published for smarty/smarty (Composer) | May 13, 2022
Sandbox Escape by math function in smarty
High | CVE-2021-29454 was published for smarty/smarty (Composer) | Jan 12, 2022
Access to restricted PHP code by dynamic static class access in smarty
High | CVE-2021-21408 was published for smarty/smarty (Composer) | Jan 12, 2022
Sandbox escape through template_object in smarty
High | CVE-2021-26119 was published for smarty/smarty (Composer) | Mar 2, 2021