Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Moodle sensitive information disclosure Moderate
CVE-2018-10889 was published for moodle/moodle (Composer) May 13, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2018-10890 was published for moodle/moodle (Composer) May 13, 2022
Moodle Cross-site Scripting Moderate
CVE-2018-14631 was published for moodle/moodle (Composer) May 13, 2022
Moodle Stored HTML in assignment submission comments allowed links to be opened directly Moderate
CVE-2019-3850 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Stored XSS in LavaLite 5.5 Moderate
CVE-2018-16551 was published for lavalite/cms (Composer) May 13, 2022
Mediawiki Improper Privilege Management Moderate
CVE-2018-0503 was published for mediawiki/core (Composer) May 13, 2022
Mediawiki BotPassword can bypass CentralAuth's account lock Moderate
CVE-2018-0505 was published for mediawiki/core (Composer) May 13, 2022
MODX vulnerability allows for XSS via user settings parameters Moderate
CVE-2018-20758 was published for modx/revolution (Composer) May 13, 2022
Mediawiki information disclosure vulnerability Moderate
CVE-2018-0504 was published for mediawiki/core (Composer) May 13, 2022
Piwik (now Matomo) Vulnerable to Arbitrary Code Execution Moderate
CVE-2011-4941 was published for matomo/matomo (Composer) May 13, 2022
Piwik (now Matomo) Reveals Sensitive Information by Accepting Input from `POST` Requests Moderate
CVE-2013-2633 was published for matomo/matomo (Composer) May 13, 2022
MAGMI cross-site scripting (XSS) Moderate
CVE-2015-2068 was published for dweeves/magmi (Composer) May 13, 2022
MAGMI plugin for Magento Server Directory Traversal Moderate
CVE-2015-2067 was published for dweeves/magmi (Composer) May 13, 2022
OctoberCMS Cross-Site Scripting Moderate
CVE-2017-15284 was published for october/rain (Composer) May 13, 2022
October CMS XSS Moderate
CVE-2017-1000193 was published for october/october (Composer) May 13, 2022
daftspunk
October CMS - RainLab Blog Plugin XSS Moderate
CVE-2018-7198 was published for rainlab/blog-plugin (Composer) May 13, 2022
daftspunk
phpMyAdmin Arbitrary file read vulnerability Moderate
CVE-2019-6799 was published for phpmyadmin/phpmyadmin (Composer) May 13, 2022
Moodle context freezing Moderate
CVE-2019-3852 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 decsecre583
Moodle Secure layout contained an insecure link in Boost theme Moderate
CVE-2019-3851 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Contao Information Disclosure via Access Control Flaws Moderate
CVE-2018-20028 was published for contao/contao (Composer) May 13, 2022
Gleez CMS Vulnerability Allows Forced Browsing to Profile Page of Other Users Moderate
CVE-2018-16704 was published for gleez/cms (Composer) May 13, 2022
Moodle Unauthenticated users can trigger custom messages to admin via paypal enrol script Moderate
CVE-2018-1081 was published for moodle/moodle (Composer) May 13, 2022
Moodle XSS Vulnerability Moderate
CVE-2019-3808 was published for moodle/moodle (Composer) May 13, 2022
Silverstripe CMS XSS Vulnerability Moderate
CVE-2015-8606 was published for silverstripe/cms (Composer) May 13, 2022
Symphony CMS XSS Vulnerabilities Moderate
CVE-2015-8766 was published for symphonycms/symphony-2 (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database