GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
4,098 advisories
Filter by severity
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15276
was published
for
baserproject/basercms
(Composer)
Oct 30, 2020
RCE via PHP Object injection via SOAP Requests
High
CVE-2020-15244
was published
for
openmage/magento-lts
(Composer)
Oct 30, 2020
Edit template, Remote Code Execution (RCE) Vulnerability in Latest Release 4.4.0
High
CVE-2020-15277
was published
for
baserproject/basercms
(Composer)
Oct 30, 2020
Denial of Service via Cache Flooding
Low
GHSA-p68v-frgx-4rjp
was published
for
shopware/core
(Composer)
Oct 19, 2020
Authenticated XML External Entity Processing
Moderate
GHSA-8xv9-qcr9-ww9j
was published
for
shopware/core
(Composer)
Oct 19, 2020
Ability to switch customer email address on account detail page and stay verified
Moderate
CVE-2020-15245
was published
for
sylius/sylius
(Composer)
Oct 19, 2020
Inline attribute values were not processed.
High
CVE-2020-15263
was published
for
orchid/platform
(Composer)
Oct 19, 2020
XSS vulnerability when listing users on add & modify server pages.
Moderate
GHSA-5822-pw57-vv37
was published
for
pterodactyl/panel
(Composer)
Oct 8, 2020
Cross-Site Scripting in ternary conditional operator
Moderate
CVE-2020-15241
was published
for
typo3/cms
(Composer)
Oct 8, 2020
Potential Remote Code Execution vulnerability
High
CVE-2020-15227
was published
for
nette/application
(Composer)
Oct 2, 2020
Contao Insert tag injection in forms
Moderate
CVE-2020-25768
was published
for
contao/contao
(Composer)
Sep 24, 2020
Non-persistent XSS in the Storefront in Shopware
Low
GHSA-qvhr-55hg-3qwv
was published
for
shopware/core
(Composer)
Sep 23, 2020
RCE in Third Party Library in Shopware
Low
GHSA-qvc5-cfrr-384v
was published
for
shopware/core
(Composer)
Sep 23, 2020
Unsafe deserialization in Yii 2
High
CVE-2020-15148
was published
for
yiisoft/yii2
(Composer)
Sep 15, 2020
Potential XSS injection In PrestaShop contactform
High
CVE-2020-15178
was published
for
prestashop/contactform
(Composer)
Sep 15, 2020
personnummer/php vulnerable to Improper Input Validation
Low
GHSA-2p6g-gjp8-ggg9
was published
for
personnummer/personnummer
(Composer)
Sep 9, 2020
Information Disclosure in TYPO3 extension sf_event_mgt
Moderate
CVE-2020-25026
was published
for
derhansen/sf_event_mgt
(Composer)
Sep 2, 2020
DataTable Vulnerable to Cross-Site Scripting
High
CVE-2015-6584
was published
for
datatables
(Composer)
Aug 31, 2020
Cross Site Scripting and RCE in baserCMS
Low
CVE-2020-15159
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
Low
CVE-2020-15155
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting in baserCMS
Low
CVE-2020-15154
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Remote Code Execution in SyliusResourceBundle
High
CVE-2020-15143
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Remote Code Execution in SyliusResourceBundle
Critical
CVE-2020-15146
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Observable Timing Discrepancy in OpenMage LTS
High
CVE-2020-15151
was published
for
openmage/magento-lts
(Composer)
Aug 19, 2020
ProTip!
Advisories are also available from the
GraphQL API