Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,886 advisories

Loading
Craft CMS XSS Vulnerability Moderate
CVE-2019-12823 was published for craftcms/cms (Composer) May 24, 2022
phpMyAdmin XSS Vulnerability Moderate
CVE-2016-9856 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin XSS Vulnerability Moderate
CVE-2016-9857 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin Cryptographic Vulnerability Moderate
CVE-2016-9847 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Silverstripe has Cross-site Scripting (XSS) vulnerabilities inherited from TinyMCE Moderate
GHSA-4q66-g4mm-8rg5 was published for silverstripe/admin (Composer) Jul 31, 2023
GuySartorelli
Credited to GuySartorelli
Dolibarr ERP and CRM contain XSS Vulnerabilities Moderate
CVE-2016-1912 was published for dolibarr/dolibarr (Composer) May 17, 2022
Cross site scripting in Croogo Moderate
CVE-2017-1000510 was published for croogo/croogo (Composer) May 14, 2022
Ocramius
Credited to Ocramius
baserCMS Access Control Bypass Moderate
CVE-2015-5640 was published for baserproject/basercms (Composer) May 13, 2022
Shopware Cross-site Scripting Vulnerability Moderate
CVE-2019-12935 was published for shopware/shopware (Composer) May 24, 2022
phpMyAdmin CSRF Vulnerability Moderate
CVE-2019-12616 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Moodle does not revoke role capabilities correctly Moderate
CVE-2019-14879 was published for moodle/moodle (Composer) May 24, 2022
Silverstripe CMS Open Redirect Moderate
CVE-2015-5062 was published for silverstripe/cms (Composer) May 14, 2022
Centreon Cross-site Scripting Vulnerability Moderate
CVE-2015-7672 was published for centreon/centreon (Composer) May 14, 2022
Exposure of Resource to Wrong Sphere in microweber Moderate
CVE-2022-0762 was published for microweber/microweber (Composer) Feb 27, 2022
Aimeos Typo3 extension contains Cross-site Scripting vulnerability Moderate
CVE-2021-28380 was published for aimeos/aimeos-typo3 (Composer) May 24, 2022
Concrete CMS Cross-site Scripting via Survey Blocks Moderate
CVE-2021-28145 was published for concrete5/concrete5 (Composer) May 24, 2022
phpBB Open Redirect Moderate
CVE-2015-3880 was published for phpbb/phpbb (Composer) May 17, 2022
Dolibarr ERP and CRM contain Cross-site Scripting Vulnerability Moderate
CVE-2015-3935 was published for dolibarr/dolibarr (Composer) May 17, 2022
phpMyAdmin ReCaptcha bypass Moderate
CVE-2015-6830 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Typo3 XSS Vulnerability Moderate
CVE-2015-8755 was published for typo3/cms (Composer) May 17, 2022
Exposure of Resource to Wrong Sphere in ezsystems/ezplatform-kernel Moderate
CVE-2022-25336 was published for ezsystems/ezplatform-kernel (Composer) Feb 19, 2022
Concrete CMS Cross-site Scripting vulnerability Moderate
CVE-2022-43695 was published for concrete5/concrete5 (Composer) Jul 6, 2023
Silverstripe CMS XSS Vulnerability Moderate
CVE-2017-5197 was published for silverstripe/cms (Composer) May 14, 2022
October CMS XSS In Caption Tag of Profile Moderate
CVE-2015-5612 was published for october/october (Composer) May 17, 2022
phpMyAdmin micro history Implementation XSS Vulnerability Moderate
CVE-2014-6300 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database