Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,681
Maven
5,000+
npm
4,309
NuGet
760
pip
4,083
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,869 advisories

Loading
FriendsOfSymfony FOSUserBundle denial of service via login form Moderate
CVE-2013-5750 was published for friendsofsymfony/user-bundle (Composer) May 17, 2022
KumbiaPHP Cross-site Scripting Moderate
CVE-2020-14146 was published for kumbiaphp/kumbiapp (Composer) May 24, 2022
Moodle Cross-Site Request Forgery (CSRF) Moderate
CVE-2017-7491 was published for moodle/moodle (Composer) May 17, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32472 was published for moodle/moodle (Composer) Mar 12, 2022
Moodle Information Disclosure vulnerability Moderate
CVE-2021-32473 was published for moodle/moodle (Composer) Mar 12, 2022
moodle Improper Access Control Moderate
CVE-2019-10189 was published for moodle/moodle (Composer) May 24, 2022
moodle Improper Access Control Moderate
CVE-2019-10188 was published for moodle/moodle (Composer) May 24, 2022
Drupal Users without "Administer comments" can set comment visibility on nodes they can edit Moderate
CVE-2016-7570 was published for drupal/core (Composer) May 17, 2022
Drupal cross-site scripting vulnerability Moderate
CVE-2017-6927 was published for drupal/core (Composer) May 14, 2022
Drupal Cross-Site Scripting vulnerability Moderate
CVE-2011-2714 was published for drupal/core (Composer) Apr 22, 2022
Drupal Settings Tray access bypass Moderate
CVE-2017-6931 was published for drupal/core (Composer) May 13, 2022
Drupal access bypass vulnerability Moderate
CVE-2017-6928 was published for drupal/core (Composer) May 13, 2022
Drupal core access bypass vulnerability Moderate
CVE-2017-6922 was published for drupal/core (Composer) May 13, 2022
Drupal Core Cross-site scripting vulnerability Moderate
CVE-2020-13688 was published for drupal/core (Composer) May 24, 2022
Drupal Core Access bypass vulnerability Moderate
CVE-2020-13667 was published for drupal/core (Composer) May 24, 2022
Drupal Core Open Redirect vulnerability Moderate
CVE-2020-13662 was published for drupal/core (Composer) May 24, 2022
Drupal Core Cross-site scripting vulnerability Moderate
CVE-2020-13666 was published for drupal/core (Composer) May 24, 2022
Drupal CRLF injection vulnerability in the drupal_set_header function Moderate
CVE-2016-3166 was published for drupal/core (Composer) May 17, 2022
Drupal Cross-site scripting (XSS) vulnerability Moderate
CVE-2016-7571 was published for drupal/core (Composer) May 17, 2022
Drupal Unprivileged access to config export Moderate
CVE-2016-7572 was published for drupal/core (Composer) May 17, 2022
Drupal sensitive information disclosure Moderate
CVE-2016-9449 was published for drupal/core (Composer) May 17, 2022
Drupal cross site scripting vulnerability Moderate
CVE-2017-6929 was published for drupal/core (Composer) May 14, 2022
Drupal external link injection vulnerability Moderate
CVE-2017-6932 was published for drupal/core (Composer) May 14, 2022
OpenCart Path Traversal Moderate
CVE-2018-11495 was published for opencart/opencart (Composer) May 14, 2022
QuickApps CMS Cross-site Scripting Moderate
CVE-2017-1000495 was published for quickapps/cms (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database