Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2011-2509 was published for joomla/joomla-cms (Composer) May 14, 2022
XSS in baserCMS Moderate
CVE-2018-0574 was published for baserproject/basercms (Composer) May 14, 2022
Sensitive Data Exposure in baserCMS Moderate
CVE-2018-0575 was published for baserproject/basercms (Composer) May 14, 2022
XSS in baserCMS Moderate
CVE-2018-0570 was published for baserproject/basercms (Composer) May 14, 2022
baserCMS arbitrary file upload vulnerability Moderate
CVE-2018-0571 was published for baserproject/basercms (Composer) May 14, 2022
Pagekit open redirect vulnerability Moderate
CVE-2018-14381 was published for pagekit/pagekit (Composer) May 14, 2022
Gleez Cms Cross-site Scripting in Profile Page Moderate
CVE-2018-1999021 was published for gleez/cms (Composer) May 14, 2022
paypal/permissions-sdk-php reflected Cross-site Scripting (XSS) Moderate
CVE-2017-6215 was published for paypal/permissions-sdk-php (Composer) May 14, 2022
paypal/invoice-sdk-php reflected XSS Moderate
CVE-2017-6213 was published for paypal/invoice-sdk-php (Composer) May 14, 2022
Subrion CMS XSS Moderate
CVE-2018-14835 was published for intelliants/subrion (Composer) May 14, 2022
SimpleSAMLphp Information leakage issue in the sanitycheck module Moderate
CVE-2016-3124 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
MantisBT allows XSS on the Edit Filter page via crafted filter name Moderate
CVE-2018-14504 was published for mantisbt/mantisbt (Composer) May 14, 2022
MantisBT allows XSS via View Filters page Moderate
CVE-2018-13055 was published for mantisbt/mantisbt (Composer) May 14, 2022
phpMyAdmin remote variable manipulation Moderate
CVE-2011-2505 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
DOMPDF Arbitrary File Read Moderate
CVE-2014-2383 was published for dompdf/dompdf (Composer) May 14, 2022
Silverstripe CMS Open Redirect Moderate
CVE-2015-5062 was published for silverstripe/cms (Composer) May 14, 2022
ImpressCMS Cross-site Scripting vulnerability via quicksearch_ContentContent parameter Moderate
CVE-2010-4616 was published for impresscms/impresscms (Composer) May 14, 2022
Symfony SSRF Vulnerability via Form Component Moderate
CVE-2017-16790 was published for symfony/form (Composer) May 14, 2022
Pimcore SQLi Vulnerability Moderate
CVE-2018-14058 was published for pimcore/pimcore (Composer) May 14, 2022
OpenCart-Overclocked Cross-site Scripting Vulnerability Moderate
CVE-2018-1000640 was published for villagedefrance/opencart-overclocked (Composer) May 14, 2022
Showdoc XSS Vulnerability Moderate
CVE-2018-16342 was published for showdoc/showdoc (Composer) May 14, 2022
Gleez CMS Vulnerable to Cross-site Scripting in media/imagecache/resize Moderate
CVE-2018-16347 was published for gleez/cms (Composer) May 14, 2022
phpMyAdmin Cross-site Scripting (XSS) in the import dialog Moderate
CVE-2018-15605 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin micro history Implementation XSS Vulnerability Moderate
CVE-2014-6300 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin Cross-site scripting (XSS) vulnerability Moderate
CVE-2016-5731 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database