Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,886 advisories

Loading
Zenario CMS Cross-site Scripting vulnerability Moderate
CVE-2023-44769 was published for tribalsystems/zenario (Composer) Oct 25, 2023
Open redirect vulnerability on CMSSecurity relogin screen Moderate
CVE-2023-22729 was published for silverstripe/framework (Composer) Apr 26, 2023
Path Traversal in Asset "import from server" option Moderate
CVE-2023-2336 was published for pimcore/pimcore (Composer) Apr 27, 2023
rekter0
Credited to rekter0
MediaWiki Cross-site Scripting vulnerability Moderate
CVE-2023-37302 was published for wikibase/wikibase (Composer) Jun 30, 2023
prudloff-insite
Credited to prudloff-insite
Cross-site Scripting (XSS) in Website Settings name field Moderate
CVE-2023-2342 was published for pimcore/pimcore (Composer) Apr 27, 2023
khanhchauminh
Credited to khanhchauminh
Cross-site Scripting (XSS) in DataObject columns grid Moderate
CVE-2023-2340 was published for pimcore/pimcore (Composer) Apr 27, 2023
Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction Moderate
CVE-2023-38708 was published for pimcore/pimcore (Composer) Aug 3, 2023
TobiSW
Credited to TobiSW
Cross-site Scripting (XSS) in DataObject Any Getter grid operator Moderate
CVE-2023-2339 was published for pimcore/pimcore (Composer) Apr 27, 2023
Cross-site Scripting (XSS) in Admin Login too many attempts notice Moderate
CVE-2023-2341 was published for pimcore/pimcore (Composer) Apr 27, 2023
Anasboulbali
Credited to Anasboulbali
Cross Site Scripting in CraftCMS Moderate
CVE-2023-30177 was published for craftcms/cms (Composer) Apr 25, 2023
Cross-site Scripting (XSS) in DataObject Classification Store Moderate
CVE-2023-2343 was published for pimcore/pimcore (Composer) Apr 27, 2023
khanhchauminh
Credited to khanhchauminh
LibreNMS Cross-site Scripting vulnerability Moderate
CVE-2023-4979 was published for librenms/librenms (Composer) Sep 15, 2023
LibreNMS Cross-site Scripting vulnerability Moderate
CVE-2023-4980 was published for librenms/librenms (Composer) Sep 15, 2023
LibreNMS Code Injection vulnerability Moderate
CVE-2023-4977 was published for librenms/librenms (Composer) Sep 15, 2023
Admidio Insufficient Session Expiration vulnerability Moderate
CVE-2023-4190 was published for admidio/admidio (Composer) Aug 6, 2023
LibreNMS Cross-site Scripting vulnerability Moderate
CVE-2023-4978 was published for librenms/librenms (Composer) Sep 15, 2023
LibreNMS Cross-site Scripting vulnerability Moderate
CVE-2023-4981 was published for librenms/librenms (Composer) Sep 15, 2023
LibreNMS Cross-site Scripting vulnerability Moderate
CVE-2023-4982 was published for librenms/librenms (Composer) Sep 15, 2023
thorsten/phpmyfaq vulnerable to cross-site scripting Moderate
CVE-2023-2999 was published for thorsten/phpmyfaq (Composer) May 31, 2023
Pimcore Privilege Defined With Unsafe Actions vulnerability Moderate
CVE-2023-2983 was published for pimcore/pimcore (Composer) Jun 6, 2023
Admidio vulnerable to Cross-site Scripting Moderate
CVE-2023-3109 was published for admidio/admidio (Composer) Jun 5, 2023
Pimcore vulnerable to Pre-Auth Path Traversal in pimcore_log parameter Moderate
CVE-2023-2984 was published for pimcore/pimcore (Composer) Jun 6, 2023
Prevent injection of invalid entity ids for "autocomplete" fields Moderate
CVE-2023-41336 was published for symfony/ux-autocomplete (Composer) Sep 11, 2023
janklan
Credited to janklan
Admidio Improper Access Control vulnerability Moderate
CVE-2023-3304 was published for admidio/admidio (Composer) Jun 23, 2023
Dolibarr Improper Input Validation vulnerability Moderate
CVE-2023-4198 was published for dolibarr/dolibarr (Composer) Nov 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database