GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,119
NuGet: 735
pip: 3,941
Pub: 12
RubyGems: 945
Rust: 1,018
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
2,781 advisories
EC-CUBE improperly handles HTTP Host header values
Moderate. CVE-2022-25355 was published for ec-cube/ec-cube (Composer), Feb 25, 2022

Missing server signature validation in OctoberCMS
Moderate. CVE-2022-23655 was published for october/system (Composer), Feb 24, 2022

Improper Authorization in dolibarr/dolibarr
Moderate. CVE-2022-0731 was published for dolibarr/dolibarr (Composer), Feb 24, 2022

Open Redirect in AllTube
Moderate. CVE-2022-0692 was published for rudloff/alltube (Composer), Feb 23, 2022

Path traversal in pimcore
Moderate. CVE-2022-0665 was published for pimcore/pimcore (Composer), Feb 23, 2022

Cross-site Scripting in microweber
Moderate. CVE-2022-0678 was published for microweber/microweber (Composer), Feb 20, 2022

Business Logic Errors in microweber
Moderate. CVE-2022-0689 was published for microweber/microweber (Composer), Feb 20, 2022

Exposure of Resource to Wrong Sphere in ezsystems/ezplatform-kernel
Moderate. CVE-2022-25336 was published for ezsystems/ezplatform-kernel (Composer), Feb 19, 2022

Generation of Error Message Containing Sensitive Information in Snipe-IT
Moderate. CVE-2022-0622 was published for snipe/snipe-it (Composer), Feb 18, 2022

Incorrect authorization in Drupal core
Moderate. CVE-2022-25270 was published for drupal/core (Composer), Feb 18, 2022

Crypt_GPG does not prevent additional options in GPG calls
Moderate. CVE-2022-24953 was published for pear/crypt_gpg (Composer), Feb 18, 2022

Cross-Site Request Forgery microweber
Moderate. CVE-2022-0638 was published for microweber/microweber (Composer), Feb 18, 2022

Cross-site Scripting in livehelperchat
Moderate. CVE-2022-0612 was published for remdex/livehelperchat (Composer), Feb 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in librenms
Moderate. CVE-2022-0588 was published for librenms/librenms (Composer), Feb 16, 2022

Cross-site Scripting in librenms
Moderate. CVE-2022-0589 was published for librenms/librenms (Composer), Feb 16, 2022

Microweber vulnerable to Improper Validation of Specified Quantity in Input
Moderate. CVE-2022-0596 was published for microweber/microweber (Composer), Feb 16, 2022

Open redirect in microweber
Moderate. CVE-2022-0597 was published for microweber/microweber (Composer), Feb 16, 2022

Exposure of Sensitive Information in snipe/snipe-it
Moderate. CVE-2022-0569 was published for snipe/snipe-it (Composer), Feb 15, 2022

Cross-site Scripting in librenms
Moderate. CVE-2022-0576 was published for librenms/librenms (Composer), Feb 15, 2022

Cross-site Scripting in librenms
Moderate. CVE-2022-0575 was published for librenms/librenms (Composer), Feb 15, 2022

Exposure of Sensitive Information to an Unauthorized Actor in pimcore
Moderate. CVE-2022-0565 was published for pimcore/pimcore (Composer), Feb 15, 2022

Improper Privilege Management in Snipe-IT
Moderate. CVE-2022-0579 was published for snipe/snipe-it (Composer), Feb 15, 2022

Cross-site Scripting in enshrined/svg-sanitize
Moderate. CVE-2022-23638 was published for enshrined/svg-sanitize (Composer), Feb 14, 2022

Open redirect in microweber
Moderate. CVE-2022-0560 was published for microweber/microweber (Composer), Feb 12, 2022

Cross-site Scripting in Drupal Core
Moderate. CVE-2020-13668 was published for drupal/core (Composer), Feb 12, 2022