GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,744
Maven: 5,000+
npm: 4,341
NuGet: 765
pip: 4,113
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

2,887 advisories

Typo3 Extbase Framework Unsafe Deserialization
Moderate: CVE-2012-1605 was published for typo3/cms (Composer), May 17, 2022

Typo3 API XSS Vulnerabilities
Moderate: CVE-2012-1608 was published for typo3/cms (Composer), May 17, 2022

TYPO3 allows remote attackers to obtain the database name via a direct request
Moderate: CVE-2012-1607 was published for typo3/cms (Composer), May 17, 2022

CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file
Moderate: CVE-2011-3712 was published for cakephp/cakephp (Composer), May 17, 2022

HTML Purifier allows remote attackers to obtain sensitive information
Moderate: CVE-2011-3744 was published for ezyang/htmlpurifier (Composer), May 17, 2022

phpMyAdmin Open Redirect in redirector
Moderate: CVE-2011-1941 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

TYPO3 cross-site scripting (XSS) vulnerability in the RemoveXSS function and the backend
Moderate: CVE-2010-3715 was published for typo3/cms-backend (Composer), May 17, 2022

phpMyAdmin Cross-site Scripting vulnerability
Moderate: CVE-2010-2958 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

HTML Purifier Cross-site Scripting (XSS) vulnerability
Moderate: CVE-2010-2479 was published for ezyang/htmlpurifier (Composer), May 17, 2022

DOMPDF Information Disclosure
Moderate: CVE-2014-5011 was published for dompdf/dompdf (Composer), May 17, 2022

DOMPDF denial of service vulnerability
Moderate: CVE-2014-5012 was published for dompdf/dompdf (Composer), May 17, 2022

DCE extension for Typo3 Discloses Environment Information
Moderate: CVE-2014-8328 was published for t3/dce (Composer), May 17, 2022

Cross-site Scripting in Jirafeau
Moderate: CVE-2022-30110 was published for mojo42/jirafeau (Composer), May 18, 2022

Cross-site Scripting in moodle
Moderate: CVE-2022-30596 was published for moodle/moodle (Composer), May 19, 2022

External Control of Assumed-Immutable Web Parameter in moodle
Moderate: CVE-2022-30597 was published for moodle/moodle (Composer), May 19, 2022

Exposure of Sensitive Information in moodle
Moderate: CVE-2022-30598 was published for moodle/moodle (Composer), May 19, 2022

phpBB Server side request forgery (SSRF)
Moderate: CVE-2019-11767 was published for phpbb/phpbb (Composer), May 24, 2022

ImpressCMS XSS
Moderate: CVE-2018-13983 was published for impresscms/impresscms (Composer), May 24, 2022

ezplatform-admin-ui Cross-site Scripting (XSS) vulnerability
Moderate: CVE-2019-12139 was published for ezsystems/ezplatform-admin-ui (Composer), May 24, 2022

PrestaShop Cross-site Scripting vulnerability
Moderate: CVE-2019-11876 was published for prestashop/prestashop (Composer), May 24, 2022

phpMyAdmin CSRF Vulnerability
Moderate: CVE-2019-12616 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022

Craft CMS XSS Vulnerability
Moderate: CVE-2019-12823 was published for craftcms/cms (Composer), May 24, 2022

MantisBT cross-site scripting (XSS) vulnerability through crafted PATH_INFO
Moderate: CVE-2018-16514 was published for mantisbt/mantisbt (Composer), May 24, 2022

Moodle Open Redirect Vulnerability
Moderate: CVE-2019-10133 was published for moodle/moodle (Composer), May 24, 2022

Moodle Private files uploaded via incoming mail processing could bypass quota restrictions
Moderate: CVE-2019-10134 was published for moodle/moodle (Composer), May 24, 2022

ProTip! Advisories are also available from the GraphQL API