GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+); Composer (5,000+); Erlang (39); GitHub Actions (38); Go (2,750); Maven (5,000+); npm (4,353); NuGet (765); pip (4,114); Pub (12); RubyGems (960); Rust (1,069); Swift (45)
Unreviewed advisories: All unreviewed (5,000+)
2,887 advisories
Dolibarr CRM allows Privilege Escalation
Moderate, CVE-2020-14201 was published for dolibarr/dolibarr (Composer), May 24, 2022

Wallabag user can delete own API client unintentionally
Moderate, CVE-2023-4455 was published for wallabag/wallabag (Composer), Aug 21, 2023

Moodle Authenticated Spelling Binary Remote Code Execution
Moderate, CVE-2013-3630 was published for moodle/moodle (Composer), May 13, 2022

Concrete CMS vulnerable to Uncontrolled Resource Consumption leading to DoS
Moderate, CVE-2022-43686 was published for concrete5/concrete5 (Composer), Nov 15, 2022

Quadratic blowup in Convert::xml2array()
Moderate, CVE-2021-41559 was published for silverstripe/framework (Composer), Jun 29, 2022

ImpressCMS Cross-site scripting Vulnerability
Moderate, CVE-2014-4036 was published for impresscms/impresscms (Composer), May 17, 2022

ImpressCMS Path Traversal to Arbitrary File Delete
Moderate, CVE-2014-1836 was published for impresscms/impresscms (Composer), May 17, 2022

Subrion CMS Cross-site scripting in search
Moderate, CVE-2014-9120 was published for intelliants/subrion (Composer), May 14, 2022

phpMyAdmin Unsafe Fetching of Javascript Code
Moderate, CVE-2012-5368 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

DCE extension for Typo3 Discloses Environment Information
Moderate, CVE-2014-8328 was published for t3/dce (Composer), May 17, 2022

Moodle Reveals Student Information Meant To Be Anonymous
Moderate, CVE-2014-0215 was published for moodle/moodle (Composer), May 13, 2022

phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
Moderate, CVE-2014-8326 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022

phpMyAdmin micro history Implementation XSS Vulnerability
Moderate, CVE-2014-6300 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022

October CMS XSS In Caption Tag of Profile
Moderate, CVE-2015-5612 was published for october/october (Composer), May 17, 2022

Silverstripe CMS XSS Vulnerability
Moderate, CVE-2017-5197 was published for silverstripe/cms (Composer), May 14, 2022

Concrete CMS Cross-site Scripting vulnerability
Moderate, CVE-2022-43695 was published for concrete5/concrete5 (Composer), Jul 6, 2023

Exposure of Resource to Wrong Sphere in ezsystems/ezplatform-kernel
Moderate, CVE-2022-25336 was published for ezsystems/ezplatform-kernel (Composer), Feb 19, 2022

phpMyAdmin ReCaptcha bypass
Moderate, CVE-2015-6830 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

Dolibarr ERP and CRM contain Cross-site Scripting Vulnerability
Moderate, CVE-2015-3935 was published for dolibarr/dolibarr (Composer), May 17, 2022

Concrete CMS Cross-site Scripting via Survey Blocks
Moderate, CVE-2021-28145 was published for concrete5/concrete5 (Composer), May 24, 2022

Aimeos Typo3 extension contains Cross-site Scripting vulnerability
Moderate, CVE-2021-28380 was published for aimeos/aimeos-typo3 (Composer), May 24, 2022

Exposure of Resource to Wrong Sphere in microweber
Moderate, CVE-2022-0762 was published for microweber/microweber (Composer), Feb 27, 2022

Centreon Cross-site Scripting Vulnerability
Moderate, CVE-2015-7672 was published for centreon/centreon (Composer), May 14, 2022

ProTip! Advisories are also available from the GraphQL API.