GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
1,342 advisories
Filter by severity
CardGate Payments plugin for WooCommerce does not validate request origin
High
CVE-2020-8819
was published
for
cardgate/woocommerce
(Composer)
May 24, 2022
Silverstripe CSRF Protection Bypass via GraphQL
High
CVE-2019-12437
was published
for
silverstripe/graphql
(Composer)
May 24, 2022
Magento sql injection vulnerability
High
CVE-2020-3719
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento arbitrary PHP code execution via the productData parameter
High
CVE-2015-6497
was published
for
magento/core
(Composer)
May 24, 2022
phpMyAdmin SQL injection in user accounts page
High
CVE-2020-5504
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
TYPO3 Insecure Deserialization in Query Generator & Query View
High
CVE-2019-19849
was published
for
typo3/cms
(Composer)
May 24, 2022
Pagekit File Upload vulnerability
High
CVE-2019-19013
was published
for
pagekit/pagekit
(Composer)
May 24, 2022
Pimcore Discloses Usernames In Use
High
CVE-2019-18986
was published
for
pimcore/pimcore
(Composer)
May 24, 2022
Magento Remote code execution through catalog attribute sets
High
CVE-2019-8231
was published
for
magento/core
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8159
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8150
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition SSRF vulnerability
High
CVE-2019-8156
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Server-Side Request Forgery (SSRF)
High
CVE-2019-8151
was published
for
magento/community-edition
(Composer)
May 24, 2022
Withdrawn Advisory: Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8229
was published
for
magento/community-edition
(Composer)
May 24, 2022
•
withdrawn
Magento Remote code execution through support/output path modification
High
CVE-2019-8230
was published
for
magento/core
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8141
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8137
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL injection via marketing account with access to email templates variables
High
CVE-2019-8134
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8122
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL injection vulnerability
High
CVE-2019-8130
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8119
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition SQLi Vulnerability
High
CVE-2019-8127
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability via CSRF
High
CVE-2019-8109
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8110
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition Security Bypass
High
CVE-2019-8112
was published
for
magento/community-edition
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API