Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,296
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

159 advisories

Loading
phpMyAdmin ReCaptcha bypass Moderate
CVE-2015-6830 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Drupal sensitive information disclosure Moderate
CVE-2016-9449 was published for drupal/core (Composer) May 17, 2022
Moodle Glossary search displays entries without checking user permissions to view them Moderate
CVE-2016-5012 was published for moodle/moodle (Composer) May 17, 2022
phpMyAdmin Local file exposure Moderate
CVE-2016-6612 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin Local file exposure through symlinks with UploadDir Moderate
CVE-2016-6613 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin allows to detect if user is logged in Moderate
CVE-2016-6625 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin path disclosure Moderate
CVE-2016-9853 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Moodle Global search displays user names for unauthenticated users Moderate
CVE-2017-2643 was published for moodle/moodle (Composer) May 17, 2022
Moodle User fullname disclosure on user preferences page Moderate
CVE-2017-2642 was published for moodle/moodle (Composer) May 17, 2022
TYPO3 Sensitive Information Disclosure via escapeStrForLike method Moderate
CVE-2010-5104 was published for typo3/cms-core (Composer) May 17, 2022
phpMyAdmin vulnerable to XML external entity (XXE) injection attack Moderate
CVE-2011-4107 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
SimpleSAMLphp Unauthenticated encryption in CBC mode Moderate
CVE-2017-12870 was published for simplesamlphp/simplesamlphp (Composer) May 17, 2022
Fastly Magento2 sensitive information disclosure Moderate
CVE-2017-13761 was published for fastly/magento2 (Composer) May 17, 2022
Moodle sensitive information disclosure Moderate
CVE-2017-12157 was published for moodle/moodle (Composer) May 17, 2022
Laravel Sensitive Data Exposure Moderate
CVE-2017-14775 was published for illuminate/auth (Composer) May 17, 2022
G-Rath
Silverstripe CMS User Enumeration Moderate
CVE-2017-12849 was published for silverstripe/cms (Composer) May 17, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2017-15110 was published for moodle/moodle (Composer) May 17, 2022
Moodle Privilege escalation in quiz web services Moderate
CVE-2018-1044 was published for moodle/moodle (Composer) May 14, 2022
Moodle Portfolio forum caller class allows a user to download any file Moderate
CVE-2018-1135 was published for moodle/moodle (Composer) May 14, 2022
Converse.js Exposure of Sensitive Information Moderate
CVE-2018-6591 was published for converse.js (Composer) May 14, 2022
Sensitive Data Exposure in baserCMS Moderate
CVE-2018-0575 was published for baserproject/basercms (Composer) May 14, 2022
SimpleSAMLphp Information leakage issue in the sanitycheck module Moderate
CVE-2016-3124 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
DOMPDF Arbitrary File Read Moderate
CVE-2014-2383 was published for dompdf/dompdf (Composer) May 14, 2022
phpMyAdmin full path disclosure vulnerability Moderate
CVE-2016-5730 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Showdoc Forced Browsing Moderate
CVE-2018-19609 was published for showdoc/showdoc (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database