Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,887 advisories

Loading
infusionsoft-php-sdk reflected Cross-site Scripting Moderate
CVE-2017-6216 was published for novaksolutions/infusionsoft-php-sdk (Composer) May 24, 2022
Subrion CMS XSS Moderate
CVE-2018-11317 was published for intelliants/subrion (Composer) May 24, 2022
paypal/adaptivepayments-sdk-php vulnerable to a reflected XSS Moderate
CVE-2017-6217 was published for paypal/adaptivepayments-sdk-php (Composer) May 24, 2022
MediaWiki Incorrect Access Control vulnerability Moderate
CVE-2019-12467 was published for mediawiki/core (Composer) May 24, 2022
Wikimedia MediaWik exposed suppressed log in RevisionDelete page Moderate
CVE-2019-12470 was published for mediawiki/core (Composer) May 24, 2022
MediaWiki Cross-site Scripting (XSS) Moderate
CVE-2019-12471 was published for mediawiki/core (Composer) May 24, 2022
MediaWiki Incorrect Access Control vulnerability Moderate
CVE-2019-12469 was published for mediawiki/core (Composer) May 24, 2022
Dolibarr Cross Site Scripting (XSS) Moderate
CVE-2019-1010016 was published for dolibarr/dolibarr (Composer) May 24, 2022
Firefly III vulnerable to stored XSS Moderate
CVE-2019-13644 was published for grumpydictator/firefly-iii (Composer) May 24, 2022
Firefly III vulnerable to stored XSS Moderate
CVE-2019-13645 was published for grumpydictator/firefly-iii (Composer) May 24, 2022
Firefly III vulnerable to reflected cross-site scripting Moderate
CVE-2019-13646 was published for grumpydictator/firefly-iii (Composer) May 24, 2022
Firefly III vulnerable to image-based stored XSS Moderate
CVE-2019-13647 was published for grumpydictator/firefly-iii (Composer) May 24, 2022
SunHater KCFinder cross-site scripting (XSS) vulnerability in upload.php Moderate
CVE-2019-14315 was published for sunhater/kcfinder (Composer) May 24, 2022
moodle Improper Access Control Moderate
CVE-2019-10188 was published for moodle/moodle (Composer) May 24, 2022
Moodle Ability to delete glossary entries that belong to another glossary Moderate
CVE-2019-10187 was published for moodle/moodle (Composer) May 24, 2022
moodle Improper Access Control Moderate
CVE-2019-10189 was published for moodle/moodle (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7853 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Path Disclosure Moderate
CVE-2019-7852 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7851 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Cryptographic Flaw Moderate
CVE-2019-7855 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7867 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7866 was published for magento/community-edition (Composer) May 24, 2022
Magento Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-7857 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition IDOR Vulnerability Moderate
CVE-2019-7864 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7862 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database