Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Cross-site Scripting in craftcms/cms Moderate
CVE-2022-28378 was published for craftcms/cms (Composer) Apr 4, 2022
Improper Certificate Validation in node-sass affects eZ Platform Moderate
GHSA-6v6p-g8cg-2hgg was published for ezsystems/ezplatform-admin-ui (Composer) Apr 1, 2022
Path Disclosure within joomla/filesystem class Moderate
CVE-2022-23794 was published for joomla/filesystem (Composer) Mar 31, 2022
Cross-site Scripting (XSS) within joomla/filter class Moderate
CVE-2022-23800 was published for joomla/filter (Composer) Mar 31, 2022
Cross-site Scripting in Parsedown Moderate
CVE-2018-1000162 was published for erusev/parsedown (Composer) Mar 30, 2022
Incorrect Access Control in ImpressCMS Moderate
CVE-2021-26598 was published for impresscms/impresscms (Composer) Mar 29, 2022
Cross-site Scripting in teampass Moderate
CVE-2022-26980 was published for nilsteampassnet/teampass (Composer) Mar 29, 2022
FormField with square brackets in field name skips validation Moderate
CVE-2020-26138 was published for silverstripe/framework (Composer) Mar 26, 2022
Cross-Site Request Forgery in Anchor CMS Moderate
CVE-2022-25576 was published for anchorcms/anchor-cms (Composer) Mar 26, 2022
Improper Input Validation in guzzlehttp/psr7 Moderate
CVE-2022-24775 was published for guzzlehttp/psr7 (Composer) Mar 25, 2022
TimWolla GrahamCampbell
Cross-site Scripting in Fork CMS Moderate
CVE-2022-0145 was published for forkcms/forkcms (Composer) Mar 25, 2022
Cross-site Scripting in Pimcore Datahub Moderate
CVE-2022-0955 was published for pimcore/data-hub (Composer) Mar 25, 2022
Possibility for Denial of Service by overwriting PHP files with language exports Moderate
GHSA-3fvf-2gp4-89wq was published for barryvdh/laravel-translation-manager (Composer) Mar 18, 2022
Open Redirect Moderate
CVE-2021-32645 was published for hyn/multi-tenant (Composer) Mar 18, 2022
JaZo
Craft CMS Cross-site Scripting Vulnerability Moderate
CVE-2021-32470 was published for craftcms/cms (Composer) Mar 18, 2022
Cross-site Scripting in Pimcore Moderate
CVE-2022-0911 was published for pimcore/pimcore (Composer) Mar 17, 2022
Cross-site Scripting in Pimcore Moderate
CVE-2022-0704 was published for pimcore/pimcore (Composer) Mar 17, 2022
Cross-site Scripting in Pimcore Moderate
CVE-2022-0705 was published for pimcore/pimcore (Composer) Mar 17, 2022
Stored Cross-site Scripting in ShowDoc Moderate
CVE-2022-0945 was published for showdoc/showdoc (Composer) Mar 16, 2022
Stored Cross-site Scripting in Microweber Moderate
CVE-2022-0954 was published for microweber/microweber (Composer) Mar 16, 2022
Cross-site Scripting in Pimcore Moderate
CVE-2022-0894 was published for pimcore/pimcore (Composer) Mar 16, 2022
Cross-site Scripting in ShowDoc Moderate
CVE-2022-0950 was published for showdoc/showdoc (Composer) Mar 16, 2022
File Upload Restriction Bypass leading to Cross-site Scripting in ShowDoc Moderate
CVE-2022-0951 was published for showdoc/showdoc (Composer) Mar 16, 2022
Cross-site Scripting in ShowDoc Moderate
CVE-2022-0957 was published for showdoc/showdoc (Composer) Mar 16, 2022
Unrestricted XML files leading to cross-site scripting in Microweber Moderate
CVE-2022-0963 was published for microweber/microweber (Composer) Mar 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database