Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,110
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

515 advisories

Loading
ThinkPHP SQL injection vulnerability Critical
CVE-2018-17566 was published for topthink/framework (Composer) May 14, 2022
Elefant CMS Code Execution Vulnerability Critical
CVE-2018-16974 was published for elefant/cms (Composer) May 14, 2022
Subrion CMS PHP Object Injection Critical
CVE-2017-5543 was published for intelliants/subrion (Composer) May 14, 2022
ThinkPHP SQL Injection vulnerability Critical
CVE-2018-16385 was published for topthink/framework (Composer) May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-6233 was published for zendframework/zendframework (Composer) May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-4861 was published for zendframework/zendframework (Composer) May 14, 2022
zend-mail remote code execution via Sendmail adapter Critical
CVE-2016-10034 was published for zendframework/zend-mail (Composer) May 14, 2022
Elefant CMS Improper Input Validation Critical
CVE-2018-15601 was published for elefant/cms (Composer) May 14, 2022
Shopware RCE Vulnerability Critical
CVE-2016-3109 was published for shopware/shopware (Composer) May 14, 2022
Bacula-web SQL Injection Vulnerabilities Critical
CVE-2017-15367 was published for bacula-web/bacula-web (Composer) May 14, 2022
Drupal PECL YAML parser unsafe object handling Critical
CVE-2017-6920 was published for drupal/core (Composer) May 14, 2022
PHPOffice Common Improper Restriction of XML External Entity Reference Critical
CVE-2018-14065 was published for phpoffice/common (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13449 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13450 was published for dolibarr/dolibarr (Composer) May 14, 2022
Centreon RCE Vulnerability Critical
CVE-2018-11587 was published for centreon/centreon (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13447 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13448 was published for dolibarr/dolibarr (Composer) May 14, 2022
CodeIgniter Session Fixation Vulnerability Critical
CVE-2018-12071 was published for codeigniter/framework (Composer) May 14, 2022
Symfony Authentication Bypass Critical
CVE-2016-2403 was published for symfony/security (Composer) May 14, 2022
Symfony Authentication Bypass Critical
CVE-2018-11407 was published for symfony/security (Composer) May 14, 2022
Dolibarr SQL injection vulnerability Critical
CVE-2018-10094 was published for dolibarr/dolibarr (Composer) May 14, 2022
SimpleSAMLphp Session fixation issue and authentication bypass in the authcrypt module Critical
CVE-2017-12868 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
thinkphp SQL Injection via the index.php s parameter Critical
CVE-2018-10225 was published for topthink/framework (Composer) May 14, 2022
yii2-redis Potential Remote code execution Critical
CVE-2018-8073 was published for yiisoft/yii2-redis (Composer) May 14, 2022
SimpleSAMLphp SAML2 spoof SAML responses Critical
CVE-2016-9814 was published for simplesamlphp/saml2 (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database