GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,869 advisories
Knock Knock plugin Open redirection vulnerability
Moderate, CVE-2020-13486 was published for verbb/knock-knock (Composer), May 24, 2022

phpBB Server side request forgery (SSRF)
Moderate, CVE-2019-11767 was published for phpbb/phpbb (Composer), May 24, 2022

phpBB Cross-Site Request Forgery (CSRF)
Moderate, CVE-2019-13376 was published for phpbb/phpbb (Composer), May 24, 2022

phpBB Cross-Site Request Forgery (CSRF)
Moderate, CVE-2020-5501 was published for phpbb/phpbb (Composer), May 24, 2022

phpBB Cross-Site Request Forgery (CSRF)
Moderate, CVE-2019-16107 was published for phpbb/phpbb (Composer), May 24, 2022

Image Resizer Cross-site Scripting (XSS) in the Bulk Resize action
Moderate, CVE-2020-13459 was published for verbb/image-resizer (Composer), May 24, 2022

phpMyAdmin SQL injection vulnerability
Moderate, CVE-2020-10803 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022

Moodle Open redirect risk in mobile auto-login feature
Moderate, CVE-2022-35652 was published for moodle/moodle (Composer), Jul 26, 2022

Moodle Global search displays user names for unauthenticated users
Moderate, CVE-2017-2643 was published for moodle/moodle (Composer), May 17, 2022

Moodle XSS in attachments to evidence of prior learning
Moderate, CVE-2017-2645 was published for moodle/moodle (Composer), May 17, 2022

Moodle Cross-site Scripting in the Course summary filter of the Add a new course
Moderate, CVE-2017-7298 was published for moodle/moodle (Composer), May 14, 2022

Moodle External blog editing takeover
Moderate, CVE-2017-7489 was published for moodle/moodle (Composer), May 13, 2022

Moodle Cross-site Scripting
Moderate, CVE-2018-14631 was published for moodle/moodle (Composer), May 13, 2022

Moodle Cross Site Scripting (XSS)
Moderate, CVE-2021-32244 was published for moodle/moodle (Composer), May 24, 2022

Moodle Ability to delete glossary entries that belong to another glossary
Moderate, CVE-2019-10187 was published for moodle/moodle (Composer), May 24, 2022

Pimcore Cross-site Scripting (XSS) vulnerability
Moderate, CVE-2019-18982 was published for pimcore/pimcore (Composer), May 24, 2022

Pimcore Cross-site Scripting (XSS)
Moderate, CVE-2022-2796 was published for pimcore/pimcore (Composer), Aug 24, 2022

phpMyAdmin Cross-site scripting (XSS) vulnerability in SQL parser
Moderate, CVE-2016-2559 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

phpMyAdmin Improper Input Validation
Moderate, CVE-2016-2562 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

phpMyAdmin Local file exposure through symlinks with UploadDir
Moderate, CVE-2016-6613 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

phpMyAdmin Local file exposure
Moderate, CVE-2016-6612 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

phpMyAdmin Reflected File Download attack
Moderate, CVE-2016-6628 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

phpMyAdmin Denial of Service (DoS)
Moderate, CVE-2016-9860 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
Moderate, CVE-2018-7260 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022

phpMyAdmin full path disclosure vulnerability
Moderate, CVE-2016-5730 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022