GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,885 advisories
Ability to switch customer email address on account detail page and stay verified
Moderate
CVE-2020-15245
was published
for
sylius/sylius
(Composer)
Oct 19, 2020
Exceptions displayed in non-debug configurations in Symfony
Moderate
CVE-2020-5274
was published
for
symfony/error-handler
(Composer)
Mar 30, 2020
PHP League CommonMark vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2018-20583
was published
for
league/commonmark
(Composer)
May 14, 2022
File reference keys leads to incorrect hashes on HMAC algorithms
Moderate
CVE-2021-41106
was published
for
lcobucci/jwt
(Composer)
Sep 29, 2021
Cross-site Scripting in Drupal Core
Moderate
CVE-2020-13668
was published
for
drupal/core
(Composer)
Feb 12, 2022
phpMyFAQ vulnerable to stored XSS on attachments filename
Moderate
CVE-2024-24574
was published
for
phpmyfaq/phpmyfaq
(Composer)
Feb 5, 2024
phpMyFAQ sharing FAQ functionality can easily be abused for phishing purposes
Moderate
CVE-2024-22208
was published
for
phpmyfaq/phpmyfaq
(Composer)
Feb 5, 2024
phpMyFAQ User Removal Page Allows Spoofing Of User Details
Moderate
CVE-2024-22202
was published
for
phpmyfaq/phpmyfaq
(Composer)
Feb 5, 2024
ProTip!
Advisories are also available from the
GraphQL API