Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,290 advisories

Loading
EC-CUBE Improper input validation vulnerability High
CVE-2020-5680 was published for ec-cube/ec-cube (Composer) May 24, 2022
AVideo vulnerable to Improper Privilege Management High
CVE-2020-23489 was published for wwbn/avideo (Composer) May 24, 2022
Magento SQL Injection vulnerability High
CVE-2020-24400 was published for magento/community-edition (Composer) May 24, 2022
Subrion CMS CSRF Vulnerability High
CVE-2019-7357 was published for intelliants/subrion (Composer) May 24, 2022
Bookstack Cross-site Scripting vulnerability High
CVE-2020-26211 was published for ssddanbrown/bookstack (Composer) May 24, 2022
PyroCMS Vulnerable to CSRF High
CVE-2020-25263 was published for pyrocms/pyrocms (Composer) May 24, 2022
OATHAuth extension in MediaWiki is not implementing rate limit High
CVE-2020-25827 was published for mediawiki/core (Composer) May 24, 2022
DotPlant2 Improper Restriction of XML External Entity Reference High
CVE-2020-25750 was published for devgroup/dotplant (Composer) May 24, 2022
ThinkAdmin directory traversal vulnerability High
CVE-2020-25540 was published for zoujingli/thinkadmin (Composer) May 24, 2022
AnonySE26
Guard bypass in Eloquent models affecting Laravel illuminate database component High
CVE-2020-24940 was published for illuminate/database (Composer) May 24, 2022
Dolibarr Unrestricted Upload of File with Dangerous Type High
CVE-2020-14209 was published for dolibarr/dolibarr (Composer) May 24, 2022
Codiad CSRF Vulnerability High
CVE-2020-14043 was published for codiad/codiad (Composer) May 24, 2022
Codiad SSRF Vulnerability High
CVE-2020-14044 was published for codiad/codiad (Composer) May 24, 2022
Shopware database password is leaked to an unauthenticated users High
CVE-2020-13997 was published for shopware/core (Composer) May 24, 2022
mitelg
Shopware vulnerable to SSRF High
CVE-2020-13970 was published for shopware/platform (Composer) May 24, 2022
MunkiReport Software Update module is vulnerable to SQL injection High
CVE-2020-15887 was published for munkireport/softwareupdate (Composer) May 24, 2022
MunkiReport reportdata module SQL injection vulnerability High
CVE-2020-15886 was published for munkireport/reportdata (Composer) May 24, 2022
Microweber Discloses Sensitive Information High
CVE-2020-13405 was published for microweber/microweber (Composer) May 24, 2022
Silverstripe CMS malicious file upload enables script execution High
CVE-2020-9309 was published for silverstripe/cms (Composer) May 24, 2022
Silverstripe CMS information disclosure High
CVE-2020-6164 was published for silverstripe/cms (Composer) May 24, 2022
Magento defense-in-depth security mitigation vulnerability High
CVE-2020-9591 was published for magento/community-edition (Composer) May 24, 2022
Magento Signature verification bypass High
CVE-2020-9588 was published for magento/community-edition (Composer) May 24, 2022
Magento authorization bypass vulnerability High
CVE-2020-9587 was published for magento/community-edition (Composer) May 24, 2022
acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation High
CVE-2020-13700 was published for airesvsg/acf-to-rest-api (Composer) May 24, 2022
MarkLee131
NukeViet Cross-Site Request Forgery (CSRF) High
CVE-2020-13155 was published for nukeviet/nukeviet (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database