Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,384 advisories

Loading
Ability to expose data in Sylius by using an unintended serialisation group Moderate
CVE-2020-5220 was published for sylius/resource-bundle (Composer) Jan 31, 2020
XSS in Dolibarr ERP & CRM Moderate
CVE-2020-7996 was published for dolibarr/dolibarr (Composer) Jan 28, 2020
Incorrect signature verification in SimpleSAMLphp Moderate
CVE-2016-9955 was published for simplesamlphp/simplesamlphp (Composer) Jan 24, 2020
thijskh
Persistent XSS vulnerability in filename of attached file in PrivateBin Moderate
CVE-2020-5223 was published for privatebin/privatebin (Composer) Jan 14, 2020
Insert tag injection in the Contao login module Moderate
CVE-2019-19714 was published for contao/contao (Composer) Dec 17, 2019
Information disclosure in the Contao backend Moderate
CVE-2019-19712 was published for contao/contao (Composer) Dec 17, 2019
Object injection in cookie driver in phpfastcache Moderate
CVE-2019-16774 was published for phpfastcache/phpfastcache (Composer) Dec 12, 2019
Geolim4
User enumeration leak using switch user functionality in Symfony Moderate
CVE-2019-18886 was published for symfony/security-http (Composer) Dec 2, 2019
Data leakage via SQL Injection in Pimcore Moderate
CVE-2019-10763 was published for pimcore/pimcore (Composer) Dec 2, 2019
Lack of access control on upoaded files Moderate
CVE-2019-12245 was published for silverstripe/assets (Composer) Nov 12, 2019
Session fixation in change password form Moderate
CVE-2019-12203 was published for silverstripe/framework (Composer) Nov 12, 2019
SilverStripe Versioned Files module Unpublished files are exposed publicly Moderate
CVE-2019-16409 was published for silverstripe/framework (Composer) Nov 12, 2019
Symfony Cross-site Scripting (XSS) vulnerability Moderate
CVE-2019-10909 was published for drupal/core (Composer) Nov 12, 2019
Composer JavaScript injection possible via html comments Moderate
CVE-2019-8233 was published for magento/community-edition (Composer) Nov 12, 2019
Magento Cross-Site Scripting via Attribute Set Name Moderate
CVE-2019-8145 was published for magento/community-edition (Composer) Nov 12, 2019
Bypass of sitemp access restrictions Moderate
CVE-2019-8133 was published for magento/community-edition (Composer) Nov 12, 2019
Information disclosure through processing of external XML entities Moderate
CVE-2019-8126 was published for magento/community-edition (Composer) Nov 12, 2019
Authorization Bypass Through User-Controlled Key in Bagisto Moderate
CVE-2019-16403 was published for bagisto/bagisto (Composer) Nov 8, 2019
Cross-site Scripting in Grav Moderate
CVE-2019-16126 was published for getgrav/grav (Composer) Nov 8, 2019
Cross-site scripting in Dolibarr Moderate
CVE-2019-16197 was published for dolibarr/dolibarr (Composer) Nov 8, 2019
Cross-site Scripting in Bolt Moderate
CVE-2019-15485 was published for bolt/bolt (Composer) Nov 8, 2019
Incorrect Access Control vulnerability in api-platform/core Moderate
CVE-2019-1000011 was published for api-platform/core (Composer) Oct 14, 2019
Cross-site Scripting in YII2-CMS Moderate
CVE-2019-16130 was published for yii2mod/yii2-cms (Composer) Oct 14, 2019
Exposure of Sensitive Information to an Unauthorized Actor in LibreNMS Moderate
CVE-2019-10667 was published for librenms/librenms (Composer) Oct 11, 2019
Missing Authentication for Critical Function in LibreNMS Moderate
CVE-2019-10668 was published for librenms/librenms (Composer) Oct 11, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database