GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,869 advisories
subrion CMS Cross Site Scripting (XSS) vulnerability
Moderate | CVE-2020-23761 was published for intelliants/subrion (Composer) | May 24, 2022

Subrion Cross-Site Scripting (XSS) vulnerability
Moderate | CVE-2020-22330 was published for intelliants/subrion (Composer) | May 24, 2022

Subrion Cross-site Scripting (XSS)
Moderate | CVE-2018-16327 was published for intelliants/subrion (Composer) | May 14, 2022

Subrion CMS Stored Cross-site Scripting (XSS)
Moderate | CVE-2018-15563 was published for intelliants/subrion (Composer) | May 14, 2022

Subrion Cross-site scripting (XSS) vulnerability
Moderate | CVE-2017-10795 was published for intelliants/subrion (Composer) | May 14, 2022

Evolution CMS Cross-site Scripting (XSS)
Moderate | CVE-2018-16638 was published for evolutioncms/evolution (Composer) | May 14, 2022

Evolution CMS Stored Cross-site Scripting (XSS)
Moderate | CVE-2018-16637 was published for evolutioncms/evolution (Composer) | May 14, 2022

bbPress Cross-site Scripting (XSS) vulnerability
Moderate | CVE-2011-1150 was published for bbpress/bbpress (Composer) | Apr 22, 2022

bbPress stored Cross-Site Scripting (XSS) vulnerability in the Forum creation section
Moderate | CVE-2020-13487 was published for bbpress/bbpress (Composer) | May 24, 2022

MediaElement Vulnerable to Reflected XSS
Moderate | CVE-2016-4567 was published for contao-components/mediaelement (Composer) | May 17, 2022

SimpleSAMLphp Invalid token creation and validation
Moderate | CVE-2017-12867 was published for simplesamlphp/simplesamlphp (Composer) | May 13, 2022

SimpleSAMLphp Open redirection protection bypass
Moderate | CVE-2018-6520 was published for simplesamlphp/simplesamlphp (Composer) | May 14, 2022

SimpleSAMLphp Information leakage issue in the sanitycheck module
Moderate | CVE-2016-3124 was published for simplesamlphp/simplesamlphp (Composer) | May 14, 2022

TYPO3 Directory Traversal on ZIP extraction
Moderate | CVE-2019-19848 was published for typo3/cms (Composer) | May 24, 2022

paypal/permissions-sdk-php reflected Cross-site Scripting (XSS)
Moderate | CVE-2017-6215 was published for paypal/permissions-sdk-php (Composer) | May 14, 2022

PayPal PHP Merchant SDK Cross-site scripting (XSS) vulnerability
Moderate | CVE-2017-6099 was published for paypal/merchant-sdk-php (Composer) | May 14, 2022

paypal/invoice-sdk-php reflected XSS
Moderate | CVE-2017-6213 was published for paypal/invoice-sdk-php (Composer) | May 14, 2022

Froxlor Information Disclosure
Moderate | CVE-2020-10236 was published for froxlor/froxlor (Composer) | May 24, 2022

GeniXCMS Cross-site scripting (XSS) vulnerability
Moderate | CVE-2017-14740 was published for genix/cms (Composer) | May 14, 2022

paypal/adaptivepayments-sdk-php vulnerable to a reflected XSS
Moderate | CVE-2017-6217 was published for paypal/adaptivepayments-sdk-php (Composer) | May 24, 2022

TYPO3 SQL Injection in low-level Query Generator
Moderate | CVE-2019-19850 was published for typo3/cms (Composer) | May 24, 2022

TYPO3 Improper Session Invalidation
Moderate | CVE-2014-3944 was published for typo3/cms (Composer) | May 17, 2022

TYPO3 Backend component Cross-site scripting (XSS) vulnerability
Moderate | CVE-2016-4056 was published for typo3/cms (Composer) | May 17, 2022

TYPO3 Information Disclosure Vulnerability
Moderate | CVE-2017-6370 was published for typo3/cms (Composer) | May 13, 2022

GeniXCMS Cross-site Scripting (XSS)
Moderate | CVE-2017-8376 was published for genix/cms (Composer) | May 17, 2022
ProTip! Advisories are also available from the GraphQL API.