Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,887 advisories

Loading
MantisBT may expose private issues' summaries to unauthorized users Moderate
CVE-2023-22476 was published for mantisbt/mantisbt (Composer) Feb 23, 2023
October CMS - RainLab Blog Plugin XSS Moderate
CVE-2018-7198 was published for rainlab/blog-plugin (Composer) May 13, 2022
daftspunk
Credited to daftspunk
October CMS XSS Moderate
CVE-2017-1000193 was published for october/october (Composer) May 13, 2022
daftspunk
Credited to daftspunk
Wallabag user can disable 2FA unintentionally Moderate
GHSA-56fm-hfp3-x3w3 was published for wallabag/wallabag (Composer) Oct 2, 2023
dhina016
Credited to dhina016
Typo3 Cross-Site Scripting in Flash component (ELTS) Moderate
CVE-2020-8091 was published for typo3/cms (Composer) May 24, 2022
Croogo vulnerable to XSS in title field Moderate
CVE-2019-7169 was published for croogo/croogo (Composer) May 14, 2022
Croogo vulnerable to XSS in title field Moderate
CVE-2019-7171 was published for croogo/croogo (Composer) May 14, 2022
Croogo vulnerable to XSS in Blog field Moderate
CVE-2019-7168 was published for croogo/croogo (Composer) May 14, 2022
Snipe-IT XSS Vulnerability Moderate
CVE-2019-10118 was published for snipe/snipe-it (Composer) May 14, 2022
Elgg open redirect Moderate
CVE-2019-11016 was published for elgg/elgg (Composer) May 14, 2022
Moodle XSS Vulnerability Moderate
CVE-2019-3808 was published for moodle/moodle (Composer) May 13, 2022
Moodle XSS Vulnerability Moderate
CVE-2019-3810 was published for moodle/moodle (Composer) May 13, 2022
Subrion CMS XSS Moderate
CVE-2019-20389 was published for intelliants/subrion (Composer) May 24, 2022
Withdrawn Advisory: Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-8228 was published for magento/community-edition (Composer) May 24, 2022 withdrawn
Moodle XSS Vulnerability Moderate
CVE-2019-14881 was published for moodle/moodle (Composer) May 24, 2022
Dolibarr ERP and CRM contain XSS Vulnerability Moderate
CVE-2019-19210 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr ERP and CRM contain XSS Vulnerability Moderate
CVE-2019-19206 was published for dolibarr/dolibarr (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability Moderate
CVE-2019-8232 was published for magento/community-edition (Composer) May 24, 2022
Pimcore XSS Vulnerability Moderate
CVE-2019-18656 was published for pimcore/pimcore (Composer) May 24, 2022
Dolibarr ERP and CRM HTML Injection Moderate
CVE-2019-17223 was published for dolibarr/dolibarr (Composer) May 24, 2022
direct_mail for Typo3 sensitive data exposure Moderate
CVE-2019-16698 was published for directmailteam/direct-mail (Composer) May 24, 2022
Craft CMS XSS Vulnerability Moderate
CVE-2019-17496 was published for craftcms/cms (Composer) May 24, 2022
Joomla! XSS in Default Templates Moderate
CVE-2019-16725 was published for joomla/joomla-cms (Composer) May 24, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2681 was published for zendframework/zendframework1 (Composer) May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2682 was published for zendframework/zendframework1 (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database