GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,680
Maven: 5,000+
npm: 4,308
NuGet: 760
pip: 4,080
Pub: 12
RubyGems: 958
Rust: 1,061
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
2,869 advisories
GeniXCMS Cross-site Scripting (Moderate): CVE-2017-8780 was published for genix/cms (Composer) on May 17, 2022
GeniXCMS Cross-site Scripting (XSS) (Moderate): CVE-2017-8762 was published for genix/cms (Composer) on May 17, 2022
GeniXCMS denial of service (account blockage) (Moderate): CVE-2017-14231 was published for genix/cms (Composer) on May 17, 2022
GeniXCMS Cross-site Scripting (XSS) via id parameter (Moderate): CVE-2017-14762 was published for genix/cms (Composer) on May 17, 2022
GeniXCMS Cross-site Scripting (XSS) via the Menu ID field (Moderate): CVE-2017-14765 was published for genix/cms (Composer) on May 17, 2022
GeniXCMS Mailbox validation logic vulnerability (Moderate): CVE-2017-8388 was published for genix/cms (Composer) on May 13, 2022
GeniXCMS Cross-site Scripting (XSS) vulnerability via id parameter (Moderate): CVE-2017-14761 was published for genix/cms (Composer) on May 17, 2022
Froxlor cross-site scripting (XSS) vulnerability (Moderate): CVE-2020-28957 was published for froxlor/froxlor (Composer) on May 24, 2022
Froxlor Exposure of Sensitive Information to an Unauthorized Actor (Moderate): CVE-2020-10237 was published for froxlor/froxlor (Composer) on May 24, 2022
SilverStripe asset-admin Cross-site Scripting (XSS) (Moderate): CVE-2019-14272 was published for silverstripe/framework (Composer) on May 24, 2022
SilverStripe Denial of Service on flush and development URL tools (Moderate): CVE-2019-12246 was published for silverstripe/framework (Composer) on May 24, 2022
SilverStripe XXE Vulnerability in CSSContentParser (Moderate): CVE-2020-25817 was published for silverstripe/framework (Composer) on May 24, 2022
SilverStripe CSV Excel Macro Injection (Moderate): CVE-2017-18049 was published for silverstripe/framework (Composer) on May 14, 2022
SimpleSAMLphp Incorrect IV generation for encryption (Moderate): CVE-2017-12871 was published for simplesamlphp/simplesamlphp (Composer) on May 17, 2022
SimpleSAMLphp Unauthenticated encryption in CBC mode (Moderate): CVE-2017-12870 was published for simplesamlphp/simplesamlphp (Composer) on May 17, 2022
eGroupware Community Edition Stored XSS vulnerability (Moderate): CVE-2017-14920 was published for egroupware/egroupware (Composer) on May 17, 2022
eZ Publish Cross-site Scripting (XSS) vulnerability (Moderate): CVE-2017-1000431 was published for ezsystems/ezpublish-legacy (Composer) on May 14, 2022
ThinkCMF Stored Cross-Site Scripting (XSS) (Moderate): CVE-2022-40849 was published for thinkcmf/thinkcmf (Composer) on Dec 1, 2022
ThinkCMF Cross Site Request Forgery (CSRF) vulnerability (Moderate): CVE-2020-18151 was published for thinkcmf/thinkcmf (Composer) on May 24, 2022
imdbphp Cross-Site Scripting (XSS) (Moderate): CVE-2017-7204 was published for imdbphp/imdbphp (Composer) on May 17, 2022
EC-CUBE DOM-based cross-site scripting vulnerability (Moderate): CVE-2022-38975 was published for ec-cube/ec-cube (Composer) on Sep 28, 2022
EC-CUBE improperly handles HTTP Host header values (Moderate): CVE-2022-25355 was published for ec-cube/ec-cube (Composer) on Feb 25, 2022
EC-CUBE Improper access control in Management screen (Moderate): CVE-2021-20841 was published for ec-cube/ec-cube (Composer) on Nov 25, 2021
EC-CUBE Cross-site request forgery (CSRF) vulnerability (Moderate): CVE-2021-20842 was published for ec-cube/ec-cube (Composer) on May 24, 2022
EC-CUBE Cross-site scripting vulnerability (Moderate): CVE-2021-20751 was published for ec-cube/ec-cube (Composer) on May 24, 2022
ProTip! Advisories are also available from the GraphQL API