GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,726
Maven: 5,000+
npm: 4,331
NuGet: 763
pip: 4,107
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,343 advisories
Subrion CMS RCE Vulnerability
High: CVE-2018-19422 was published for intelliants/subrion (Composer), May 13, 2022

TYPO3 SQL injection vulnerability in the Extbase Framework
High: CVE-2013-1842 was published for typo3/cms-core (Composer), May 17, 2022

phpMyAdmin Remote Code Execution
High: CVE-2013-3239 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

Moodle CSRF Vulnerability
High: CVE-2019-10186 was published for moodle/moodle (Composer), May 24, 2022

Dolibarr ERP and CRM malicious executable loading
High: CVE-2019-11200 was published for dolibarr/dolibarr (Composer), May 24, 2022

Dolibarr ERP and CRM Code Injection
High: CVE-2019-11201 was published for dolibarr/dolibarr (Composer), May 24, 2022

Moodle incorrect access control
High: CVE-2020-25629 was published for moodle/moodle (Composer), May 24, 2022

Silverstripe CMS malicious file upload enables script execution
High: CVE-2020-9309 was published for silverstripe/cms (Composer), May 24, 2022

Microweber Discloses Sensitive Information
High: CVE-2020-13405 was published for microweber/microweber (Composer), May 24, 2022

Shopware vulnerable to SSRF
High: CVE-2020-13970 was published for shopware/platform (Composer), May 24, 2022

SEOmatic for CraftCMS allows Server-Side Template Injection
High: CVE-2020-12790 was published for nystudio107/craft-seomatic (Composer), May 24, 2022

Microweber allows Unrestricted File Upload
High: CVE-2020-13241 was published for microweber/microweber (Composer), May 24, 2022

Moodle vulnerable to RCE
High: CVE-2020-10738 was published for moodle/moodle (Composer), May 24, 2022

Typo3 Vulnerable to Cache Poisoning
High: CVE-2014-9509 was published for typo3/cms (Composer), May 17, 2022

MAGMI plugin for Magento Unsafe File Upload
High: CVE-2014-8770 was published for dweeves/magmi (Composer), May 14, 2022

Centreon Command Injection
High: CVE-2015-1561 was published for centreon/centreon (Composer), May 14, 2022

October CMS PHP Code Execution
High: CVE-2017-1000119 was published for october/cms (Composer), May 13, 2022

Extbase for TYPO3 allows RCE
High: CVE-2016-5091 was published for typo3/cms-extbase (Composer), May 17, 2022

Shopware Insecure Deserialization Vulnerability
High: CVE-2019-12799 was published for shopware/shopware (Composer), May 24, 2022

Dolibarr ERP and CRM Unsafe File Upload Vulnerability
High: CVE-2017-9840 was published for dolibarr/dolibarr (Composer), May 17, 2022

Elefant CMS CSRF Vulnerability
High: CVE-2018-16387 was published for elefant/cms (Composer), May 14, 2022

Pimcore CSRF Vulnerability
High: CVE-2018-14057 was published for pimcore/pimcore (Composer), May 14, 2022

Shopware SQL Injection
High: CVE-2018-20713 was published for shopware/shopware (Composer), May 14, 2022

LibreNMS SQL Injection
High: CVE-2018-20678 was published for librenms/librenms (Composer), May 14, 2022

LTI 1.3 Tool Library's function used to generate random nonces not sufficiently cryptographically complex before v5.0
High: CVE-2022-31157 was published for packbackbooks/lti-1-3-php-library (Composer), Jul 15, 2022
ProTip! Advisories are also available from the GraphQL API.