GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,343 advisories
Dolibarr error-based SQL injection vulnerability in product/card.php
Severity: High
CVE-2018-19994 was published for dolibarr/dolibarr (Composer) on May 14, 2022

Dolibarr SQL injection vulnerability in user/card.php
Severity: High
CVE-2018-19998 was published for dolibarr/dolibarr (Composer) on May 14, 2022

Shopware SQL Injection
Severity: High
CVE-2018-20713 was published for shopware/shopware (Composer) on May 14, 2022

PrestaShop PHP Object Injection
Severity: High
CVE-2018-20717 was published for prestashop/prestashop (Composer) on May 14, 2022

mPDF Unsafe Deserialization
Severity: High
CVE-2019-1000005 was published for mpdf/mpdf (Composer) on May 14, 2022

Code Injection in baserCMS
Severity: High
CVE-2017-10844 was published for baserproject/basercms (Composer) on May 14, 2022

Symfony Session Fixation Vulnerability
Severity: High
CVE-2018-11385 was published for symfony/security (Composer) on May 14, 2022

Subrion CMS vulnerable to CSRF in admin/blocks/add
Severity: High
CVE-2017-6068 was published for intelliants/subrion (Composer) on May 14, 2022

Symfony Directory Traversal
Severity: High
CVE-2017-16654 was published for symfony/intl (Composer) on May 14, 2022

GeniXCMS SQL injection vulnerability
Severity: High
CVE-2017-5346 was published for genix/cms (Composer) on May 14, 2022

phpMyAdmin DoS Vulnerability
Severity: High
CVE-2017-1000014 was published for phpmyadmin/phpmyadmin (Composer) on May 14, 2022

phpMyAdmin DoS Vulnerability
Severity: High
CVE-2017-1000018 was published for phpmyadmin/phpmyadmin (Composer) on May 14, 2022

Moodle SSRF Vulnerability
Severity: High
CVE-2019-6970 was published for moodle/moodle (Composer) on May 14, 2022

phpMyAdmin SSRF in replication
Severity: High
CVE-2017-1000017 was published for phpmyadmin/phpmyadmin (Composer) on May 14, 2022

LibreNMS SQL Injection
Severity: High
CVE-2018-20678 was published for librenms/librenms (Composer) on May 14, 2022

Symfony CSRF Token Fixation
Severity: High
CVE-2018-11406 was published for symfony/security (Composer) on May 14, 2022

Subrion CMS vulnerable to CSRF in blog/delete
Severity: High
CVE-2017-18366 was published for intelliants/subrion (Composer) on May 14, 2022

Contao CSRF Token Bypass
Severity: High
CVE-2019-10642 was published for contao/contao (Composer) on May 14, 2022

phpMyAdmin CSRF Vulnerability
Severity: High
CVE-2018-19969 was published for phpmyadmin/phpmyadmin (Composer) on May 14, 2022

phpMyAdmin CSRF Vulnerability
Severity: High
CVE-2017-1000499 was published for phpmyadmin/phpmyadmin (Composer) on May 14, 2022

SimpleSAMLphp InfoCard module Incorrect signature verification
Severity: High
CVE-2017-12874 was published for simplesamlphp/simplesamlphp-module-infocard (Composer) on May 14, 2022

SimpleSAMLphp Authentication context bypass in the multiauth module
Severity: High
CVE-2017-12869 was published for simplesamlphp/simplesamlphp (Composer) on May 14, 2022

SimpleSAMLphp Signature validation bypass
Severity: High
CVE-2017-18122 was published for simplesamlphp/simplesamlphp (Composer) on May 14, 2022

Laravel Framework RCE Vulnerability
Severity: High
CVE-2018-15133 was published for laravel/framework (Composer) on May 14, 2022

MAGMI plugin for Magento Unsafe File Upload
Severity: High
CVE-2014-8770 was published for dweeves/magmi (Composer) on May 14, 2022

ProTip! Advisories are also available from the GraphQL API.