Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,886 advisories

Loading
Pagekit open redirect vulnerability Moderate
CVE-2018-14381 was published for pagekit/pagekit (Composer) May 14, 2022
XSS in baserCMS Moderate
CVE-2018-0574 was published for baserproject/basercms (Composer) May 14, 2022
XSS in baserCMS Moderate
CVE-2018-0570 was published for baserproject/basercms (Composer) May 14, 2022
baserCMS arbitrary file upload vulnerability Moderate
CVE-2018-0571 was published for baserproject/basercms (Composer) May 14, 2022
Sensitive Data Exposure in baserCMS Moderate
CVE-2018-0575 was published for baserproject/basercms (Composer) May 14, 2022
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2011-2509 was published for joomla/joomla-cms (Composer) May 14, 2022
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2010-1649 was published for joomla/joomla-cms (Composer) May 14, 2022
phpMyAdmin XSS Vulnerability Moderate
CVE-2018-12581 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Yii2-StateMachine extension for Yii2 XSS Vulnerability Moderate
CVE-2018-12290 was published for ptheofan/yii2-statemachine (Composer) May 14, 2022
nZEDb Cross-site Scripting (XSS) in the 404 error page Moderate
CVE-2017-18286 was published for nzedb/nzedb (Composer) May 14, 2022
Converse.js Exposure of Sensitive Information Moderate
CVE-2018-6591 was published for converse.js (Composer) May 14, 2022
phpMyAdmin DoS Vulnerability Moderate
CVE-2016-6622 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin Denial of service (DOS) attack in transformation feature Moderate
CVE-2016-6618 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Pagekit Stored Cross-site Scripting Moderate
CVE-2018-11564 was published for pagekit/pagekit (Composer) May 14, 2022
OpenCart Path Traversal Moderate
CVE-2018-11495 was published for opencart/opencart (Composer) May 14, 2022
Moodle Portfolio forum caller class allows a user to download any file Moderate
CVE-2018-1135 was published for moodle/moodle (Composer) May 14, 2022
Joomla! XSS Vulnerability Moderate
CVE-2018-11326 was published for joomla/joomla-cms (Composer) May 14, 2022
Dolibarr Cross-site scripting (XSS) vulnerability Moderate
CVE-2018-10095 was published for dolibarr/dolibarr (Composer) May 14, 2022
GeniXCMS Cross-site scripting (XSS) vulnerability Moderate
CVE-2017-14740 was published for genix/cms (Composer) May 14, 2022
User Plugin for October CSS Allows XSS Moderate
CVE-2018-10366 was published for rainlab/user-plugin (Composer) May 14, 2022
Moodle Cross-site Scripting in the Course summary filter of the Add a new course Moderate
CVE-2017-7298 was published for moodle/moodle (Composer) May 14, 2022
Dolibarr ERP and CRM contain XSS Vulnerability Moderate
CVE-2017-18259 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2017-9838 was published for dolibarr/dolibarr (Composer) May 14, 2022
Gleez CMS Stored XSS Moderate
CVE-2018-7035 was published for gleez/cms (Composer) May 14, 2022
Typo3 XSS Vulnerability Moderate
CVE-2018-6905 was published for typo3/cms (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database