GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,302
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
2,868 advisories
Filter by severity
endroid/qr-code-bundle File Disclosure via logo_path query parameter
Moderate
GHSA-mvf6-3f2g-xfxf
was published
for
endroid/qr-code-bundle
(Composer)
May 15, 2024
Path Disclosure within joomla/filesystem class
Moderate
CVE-2022-23794
was published
for
joomla/filesystem
(Composer)
Mar 31, 2022
Cross-site Scripting (XSS) within joomla/filter class
Moderate
CVE-2022-23800
was published
for
joomla/filter
(Composer)
Mar 31, 2022
Drupal Cross-Site Scripting (XSS) affecting CKEditor Third-party library
Moderate
GHSA-qf65-hph9-453r
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core uses a vulnerable Third-party library CKEditor
Moderate
GHSA-337w-fxpq-5m34
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-wxfg-253g-m7r4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Access control bypass
Moderate
GHSA-5x28-3f32-x523
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Denial of Service
Moderate
GHSA-w333-5f96-mjrr
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Malicious file upload with filenames stating with dot
Moderate
GHSA-58xv-7h9r-mx3c
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-x6v2-xmrq-574j
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Content moderation Access bypass
Moderate
GHSA-86xw-vmcx-9mj4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-r67r-42wx-c8r7
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor
Moderate
CVE-2020-13669
was published
for
drupal/core
(Composer)
Feb 12, 2022
Drupal core Cross-Site Scripting (XSS) vulnerabilities
Moderate
GHSA-vfgc-c76h-mwh4
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-6gf6-24h2-66j4
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core uses a vulnerable Third-party library CKEditor
Moderate
GHSA-v273-j5hq-26xp
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Access bypass
Moderate
GHSA-mh4h-27gq-cxwj
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core unrestricted file upload
Moderate
GHSA-7gwj-7fhm-vw4w
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Denial of Service
Moderate
GHSA-pr99-c33p-fwf6
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-gfvf-2f25-f34r
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-7f4f-p7mq-p4fv
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal Content moderation Access bypass
Moderate
GHSA-f84q-mgj9-8jfc
was published
for
drupal/core
(Composer)
May 15, 2024
doctrine/doctrine-module zero-valued authentication credentials vulnerability
Moderate
GHSA-9wv8-3h8h-x2wc
was published
for
doctrine/doctrine-module
(Composer)
May 15, 2024
Contao Cross-site Scripting vulnerabililty
Moderate
CVE-2018-5478
was published
for
contao/core
(Composer)
Sep 21, 2023
Inadequate XSS Prevention in CodeIgniter/Framework Security Library
Moderate
GHSA-q9j3-4ghj-6h57
was published
for
codeigniter/framework
(Composer)
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API