GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,781 advisories
GeniXCMS XSS Vulnerability
Moderate | CVE-2017-17431 was published for genix/cms (Composer) | May 17, 2022

Typo3 Host Header Spoofing Vulnerability
Moderate | CVE-2014-3941 was published for typo3/cms (Composer) | May 14, 2022

Fork CMS XSS via Highlight Parameter
Moderate | CVE-2012-1209 was published for forkcms/forkcms (Composer) | May 14, 2022

Dolibarr ERP and CRM contain XSS Vulnerability
Moderate | CVE-2017-17971 was published for dolibarr/dolibarr (Composer) | May 14, 2022

Fork CMS XSS Vulnerability
Moderate | CVE-2018-5215 was published for forkcms/forkcms (Composer) | May 14, 2022

Passbolt API is vulnerable to XSS in the url field on the password workspace grid and sidebar
Moderate | CVE-2017-1000442 was published for passbolt/passbolt_api (Composer) | May 14, 2022

Stored XSS in LavaLite 5.2.4
Moderate | CVE-2017-1000467 was published for lavalite/cms (Composer) | May 14, 2022

QuickApps CMS Cross-site Scripting
Moderate | CVE-2017-1000495 was published for quickapps/cms (Composer) | May 14, 2022

eZ Publish Cross-site Scripting (XSS) vulnerability
Moderate | CVE-2017-1000431 was published for ezsystems/ezpublish-legacy (Composer) | May 14, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
Moderate | CVE-2018-5362 was published for wpglobus/wpglobus (Composer) | May 14, 2022

Shopware XSS Vulnerability
Moderate | CVE-2017-15374 was published for shopware/shopware (Composer) | May 14, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
Moderate | CVE-2018-5367 was published for wpglobus/wpglobus (Composer) | May 14, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
Moderate | CVE-2018-5364 was published for wpglobus/wpglobus (Composer) | May 14, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
Moderate | CVE-2018-5363 was published for wpglobus/wpglobus (Composer) | May 14, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
Moderate | CVE-2018-5366 was published for wpglobus/wpglobus (Composer) | May 14, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
Moderate | CVE-2018-5365 was published for wpglobus/wpglobus (Composer) | May 14, 2022

Magento Cross-Site Request Forgery (CSRF)
Moderate | CVE-2018-5301 was published for magento/community-edition (Composer) | May 14, 2022

Moodle Privilege escalation in quiz web services
Moderate | CVE-2018-1044 was published for moodle/moodle (Composer) | May 14, 2022

Moodle XSS Vulnerability
Moderate | CVE-2018-1045 was published for moodle/moodle (Composer) | May 14, 2022

SilverStripe CSV Excel Macro Injection
Moderate | CVE-2017-18049 was published for silverstripe/framework (Composer) | May 14, 2022

SimpleSAMLphp Open redirection protection bypass
Moderate | CVE-2018-6520 was published for simplesamlphp/simplesamlphp (Composer) | May 14, 2022

Mautic Cross Site Scripting (XSS) vulnerability
Moderate | CVE-2017-1000506 was published for mautic/core (Composer) | May 14, 2022

Dolibarr ERP and CRM contain XSS Vulnerability
Moderate | CVE-2017-1000509 was published for dolibarr/dolibarr (Composer) | May 14, 2022

Canvs Canvas XSS Vulnerability
Moderate | CVE-2017-1000507 was published for austintoddj/canvas (Composer) | May 14, 2022

Cross site scripting in Croogo
Moderate | CVE-2017-1000510 was published for croogo/croogo (Composer) | May 14, 2022

ProTip! Advisories are also available from the GraphQL API.