Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
GeniXCMS arbitrary PHP code execution High
CVE-2017-14764 was published for genix/cms (Composer) May 17, 2022
Zeta Components Mail Arbitrary code execution via a crafted email address High
CVE-2017-15806 was published for zetacomponents/mail (Composer) May 17, 2022
TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP code High
CVE-2014-3942 was published for typo3/cms (Composer) May 14, 2022
phpMyAdmin vulnerable to static code injection High
CVE-2011-2506 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
PHPMailer susceptible to arbitrary code execution High
CVE-2008-5619 was published for phpmailer/phpmailer (Composer) May 14, 2022
jhutchings1
TDQM Arbitrary Code Execution High
CVE-2016-10075 was published for tqdm (pip) May 14, 2022
OpenStack Swift Unchecked user input in XML responses High
CVE-2013-2161 was published for swift (pip) May 14, 2022
IPython Notebook vulnerable to improper validation of the origin of websocket requests High
CVE-2014-3429 was published for ipython (pip) May 14, 2022
Arbitrary code execution in Apache Struts 2 High
CVE-2013-2134 was published for org.apache.struts.xwork:xwork-core (Maven) May 14, 2022
sunSUNQ
Arbitrary code execution in Apache Struts 2 High
CVE-2013-2135 was published for org.apache.struts.xwork:xwork-core (Maven) May 14, 2022
sunSUNQ
PrestaShop PHP Object Injection High
CVE-2018-20717 was published for prestashop/prestashop (Composer) May 14, 2022
Code Injection in baserCMS High
CVE-2017-10844 was published for baserproject/basercms (Composer) May 14, 2022
Malicious PDF can inject JavaScript into PDF Viewer High
CVE-2018-5158 was published for pdfjs-dist (npm) May 14, 2022
Rob--W
MAGMI plugin for Magento Unsafe File Upload High
CVE-2014-8770 was published for dweeves/magmi (Composer) May 14, 2022
Improper Control of Generation of Code in Apache Struts High
CVE-2013-1965 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
sunSUNQ MarkLee131
Arbitrary code execution in Apache Struts High
CVE-2013-1966 was published for org.apache.struts.xwork:xwork-core (Maven) May 14, 2022
sunSUNQ
Moodle XML import of ddwtos could lead to intentional remote code execution High
CVE-2018-14630 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
SEOmatic plugin for Craft CMS SSTI Vulnerability High
CVE-2018-14716 was published for nystudio107/craft-seomatic (Composer) May 13, 2022
Moodle calculated question type allows remote code execution by Question authors High
CVE-2018-1133 was published for moodle/moodle (Composer) May 13, 2022
Code injection in Apache Struts High
CVE-2013-2115 was published for org.apache.struts.xwork:xwork-core (Maven) May 13, 2022
sunSUNQ
Moodle vulnerable to PHP object injection attacks High
CVE-2014-3541 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Code Injection in Masuit.Tools.Core High
CVE-2022-21167 was published for Masuit.Tools.Core (NuGet) May 3, 2022
TYPO3 PHP remote file inclusion vulnerability High
CVE-2010-1153 was published for typo3/cms (Composer) May 2, 2022
TYPO3 Backend Command Injection via Shell Metacharacters in Uploaded File Name High
CVE-2009-3631 was published for typo3/cms-backend (Composer) May 2, 2022
Missing input validation can lead to command execution in composer High
CVE-2022-24828 was published for composer/composer (Composer) Apr 22, 2022
thomas-chauchefoin-sonarsource
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database