GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,886 advisories
phpMyAdmin CSS Injection Vulnerability
Moderate: CVE-2017-1000015 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022

phpMyAdmin Open Redirect
Moderate: CVE-2017-1000013 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022

Silverstripe CMS XSS Vulnerability
Moderate: CVE-2017-5197 was published for silverstripe/cms (Composer), May 14, 2022

Craft CMS Cross-site Scripting (XSS) Vulnerability
Moderate: CVE-2018-20418 was published for craftcms/cms (Composer), May 14, 2022

Symfony Open Redirect
Moderate: CVE-2018-11408 was published for symfony/security-bundle (Composer), May 14, 2022

PayPal PHP Merchant SDK Cross-site scripting (XSS) vulnerability
Moderate: CVE-2017-6099 was published for paypal/merchant-sdk-php (Composer), May 14, 2022

Symfony Open Redirect
Moderate: CVE-2017-16652 was published for symfony/security (Composer), May 14, 2022

Dolibarr Stored Cross-site Scripting in expensereport/card.php
Moderate: CVE-2018-16808 was published for dolibarr/dolibarr (Composer), May 14, 2022

Evolution CMS Cross-site Scripting (XSS)
Moderate: CVE-2018-16638 was published for evolutioncms/evolution (Composer), May 14, 2022

Evolution CMS Stored Cross-site Scripting (XSS)
Moderate: CVE-2018-16637 was published for evolutioncms/evolution (Composer), May 14, 2022

Kirby XSS Vulnerability
Moderate: CVE-2018-16630 was published for getkirby/kirby (Composer), May 14, 2022

Subrion CMS XSS
Moderate: CVE-2018-16629 was published for intelliants/subrion (Composer), May 14, 2022

Yii Incorrectly Implements CORS
Moderate: CVE-2018-20745 was published for yiisoft/yii2 (Composer), May 14, 2022

MODX Revolution allows XSS via document resources
Moderate: CVE-2018-20756 was published for modx/revolution (Composer), May 14, 2022

MODX Revolution vulnerable to XSS attack through its User Photo field
Moderate: CVE-2018-20755 was published for modx/revolution (Composer), May 14, 2022

MODX Revolution allows XSS through extended user fields
Moderate: CVE-2018-20757 was published for modx/revolution (Composer), May 14, 2022

EC-CUBE Open redirect vulnerability
Moderate: CVE-2018-16191 was published for ec-cube/ec-cube (Composer), May 14, 2022

Croogo vulnerable to XSS in Blog field
Moderate: CVE-2019-7168 was published for croogo/croogo (Composer), May 14, 2022

Croogo vulnerable to XSS in title field
Moderate: CVE-2019-7170 was published for croogo/croogo (Composer), May 14, 2022

Croogo vulnerable to XSS in title field
Moderate: CVE-2019-7169 was published for croogo/croogo (Composer), May 14, 2022

Croogo vulnerable to Cross-site Scripting in title field
Moderate: CVE-2019-7173 was published for croogo/croogo (Composer), May 14, 2022

Croogo vulnerable to XSS in title field
Moderate: CVE-2019-7171 was published for croogo/croogo (Composer), May 14, 2022

Fork CMS XSS Vulnerability
Moderate: CVE-2018-20682 was published for forkcms/forkcms (Composer), May 14, 2022

Microweber XSS Vulnerability
Moderate: CVE-2018-1000826 was published for microweber/microweber (Composer), May 14, 2022

PHP League CommonMark vulnerable to Cross-Site Scripting (XSS)
Moderate: CVE-2018-20583 was published for league/commonmark (Composer), May 14, 2022

ProTip! Advisories are also available from the GraphQL API