GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,651
Maven: 5,000+
npm: 4,279
NuGet: 760
pip: 4,066
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
530 advisories
Smarty PHP code injection (Critical): CVE-2017-1000480 was published for smarty/smarty (Composer), May 14, 2022
Dolibarr SQL injection vulnerability in fourn/index.php (Critical): CVE-2017-17900 was published for dolibarr/dolibarr (Composer), May 14, 2022
Dolibarr SQL injection vulnerability in adherents/subscription/info.php (Critical): CVE-2017-17899 was published for dolibarr/dolibarr (Composer), May 14, 2022
Dolibarr SQL injection vulnerability in comm/multiprix.php (Critical): CVE-2017-17897 was published for dolibarr/dolibarr (Composer), May 14, 2022
MetalGenix GeniXCMS vulnerable to SQL Injection (Critical): CVE-2015-3933 was published for genix/cms (Composer), May 17, 2022
Swift Mailer mail transport Command Injection (Critical): CVE-2016-10074 was published for swiftmailer/swiftmailer (Composer), May 17, 2022
CodeIgniter and Kohana vulnerable to PHP Object Injection (Critical): CVE-2014-8684 was published for codeigniter/framework (Composer), May 17, 2022
Dolibarr SQL injection vulnerability in don/list.php (Critical): CVE-2017-14242 was published for dolibarr/dolibarr (Composer), May 17, 2022
Dolibarr SQL injection vulnerability in admin/menus/edit.php (Critical): CVE-2017-14238 was published for dolibarr/dolibarr (Composer), May 17, 2022
Moodle SQL injection via user preferences (Critical): CVE-2017-2641 was published for moodle/moodle (Composer), May 17, 2022
phpMyAdmin CSRF Vulnerability (Critical): CVE-2016-9866 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022
ADOdb Library SQL Injection (Critical): CVE-2016-7405 was published for adodb/adodb-php (Composer), May 17, 2022
phpMyAdmin Authentication Bypass (Critical): CVE-2016-6629 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022
phpMyAdmin Code Injection vulnerability (Critical): CVE-2016-5734 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022
TeamPass SQL injection in users.queries.php (Critical): CVE-2017-9436 was published for nilsteampassnet/teampass (Composer), May 17, 2022
Dolibarr ERP and CRM SQLi (Critical): CVE-2017-9435 was published for dolibarr/dolibarr (Composer), May 17, 2022
Dolibarr ERP and CRM Insecure Encryption (Critical): CVE-2017-7888 was published for dolibarr/dolibarr (Composer), May 17, 2022
Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter (Critical): CVE-2017-7886 was published for dolibarr/dolibarr (Composer), May 17, 2022
GeniXCMS Arbitrary User Password Reset Vulnerability (Critical): CVE-2017-8827 was published for genix/cms (Composer), May 17, 2022
TeamPass vulnerable to SQL Injection (Critical): CVE-2015-7564 was published for nilsteampassnet/teampass (Composer), May 17, 2022
CodeIgniter arbitrary code execution (Critical): CVE-2016-10131 was published for bcit-ci/codeigniter (Composer), May 17, 2022
Froxlor guessable password reset token (Critical): CVE-2016-5100 was published for froxlor/froxlor (Composer), May 17, 2022
Zend Framework SQL injection vector using null byte for PDO (Critical): CVE-2015-7695 was published for zendframework/zendframework1 (Composer), May 17, 2022
TYPO3 vulnerable to authentication bypass via leveraging knowledge of password hash (Critical): CVE-2014-3945 was published for typo3/cms (Composer), May 17, 2022
Apache Solr for TYPO3 (solr) extension is vulnerable to Insecure Unserialize (Critical): CVE-2013-6288 was published for apache-solr-for-typo3/solr (Composer), May 17, 2022
ProTip! Advisories are also available from the GraphQL API