GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
515 advisories
ThinkAdmin Administrator cookies still working after password change
Critical: CVE-2019-11018 was published for zoujingli/thinkadmin (Composer) May 13, 2022

FineUploader php-traditional-server unauthenticated arbitrary file upload vulnerability
Critical: CVE-2018-9209 was published for fineuploader/php-traditional-server (Composer) May 14, 2022

TeamPass Storing Passwords in a Recoverable Format vulnerability
Critical: CVE-2019-1000001 was published for nilsteampassnet/teampass (Composer) May 13, 2022

TeamPass SQL injection in users.queries.php
Critical: CVE-2017-9436 was published for nilsteampassnet/teampass (Composer) May 17, 2022

LibreNMS arbitrary OS commands execution
Critical: CVE-2018-20434 was published for librenms/librenms (Composer) May 24, 2022

Swift Mailer mail transport Command Injection
Critical: CVE-2016-10074 was published for swiftmailer/swiftmailer (Composer) May 17, 2022

Dolibarr SQL Injection vulnerability
Critical: CVE-2018-9019 was published for dolibarr/dolibarr (Composer) May 13, 2022

Dolibarr SQL injection vulnerability in product/card.php
Critical: CVE-2018-13450 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability in product/card.php
Critical: CVE-2018-13449 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability in product/card.php
Critical: CVE-2018-13447 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability in product/card.php
Critical: CVE-2018-13448 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability
Critical: CVE-2018-10094 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability in admin/menus/edit.php
Critical: CVE-2017-14238 was published for dolibarr/dolibarr (Composer) May 17, 2022

Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter
Critical: CVE-2017-7886 was published for dolibarr/dolibarr (Composer) May 17, 2022

Dolibarr SQL injection vulnerability in don/list.php
Critical: CVE-2017-14242 was published for dolibarr/dolibarr (Composer) May 17, 2022

Dolibarr SQL injection vulnerability in comm/multiprix.php
Critical: CVE-2017-17897 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability in adherents/subscription/info.php
Critical: CVE-2017-17899 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr SQL injection vulnerability in fourn/index.php
Critical: CVE-2017-17900 was published for dolibarr/dolibarr (Composer) May 14, 2022

Dolibarr Improper Restriction of Excessive Authentication Attempts
Critical: CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022

Dolibarr Cross-site Scripting via the qty parameter in product/fournisseurs.php
Critical: CVE-2019-19212 was published for dolibarr/dolibarr (Composer) May 24, 2022

php-shellcommand command injection vulnerability
Critical: CVE-2019-10774 was published for mikehaertl/php-shellcommand (Composer) May 24, 2022

NukeViet SQL Injection vulnerability via topicsid parameter
Critical: CVE-2020-21808 was published for nukeviet/nukeviet (Composer) May 24, 2022

NukeViet SQL Injection vulnerability
Critical: CVE-2020-21809 was published for nukeviet/nukeviet (Composer) May 24, 2022

Yii SQL injection vulnerability
Critical: CVE-2018-7269 was published for yiisoft/yii2-dev (Composer) May 24, 2022

Dolibarr SQL injection via the integer parameters qty and value_unit
Critical: CVE-2018-16809 was published for dolibarr/dolibarr (Composer) May 14, 2022

ProTip! Advisories are also available from the GraphQL API