GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,961
Composer 4,055
Erlang 29
GitHub Actions 19
Go 1,889
Maven 5,076
npm 3,605
NuGet 638
pip 3,208
Pub 10
RubyGems 852
Rust 816
Swift 35

Unreviewed advisories

All unreviewed 227,357

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

182 advisories

Filter by severity

Sort by

Least recently updated

SMTP Injection in PHPMailer Low

CVE-2015-8476 was published for phpmailer/phpmailer (Composer) Mar 5, 2020

Ability to switch channels via GET parameter enabled in production environments Low

CVE-2020-5218 was published for sylius/sylius (Composer) Jan 31, 2020

Link injection in SimpleSAMLphp Low

GHSA-2r3v-q9x3-7g46 was published for simplesamlphp/simplesamlphp (Composer) Jan 24, 2020

Cross-site scripting in SimpleSAMLphp Low

CVE-2020-5226 was published for simplesamlphp/simplesamlphp (Composer) Jan 24, 2020

Log injection in SimpleSAMLphp Low

CVE-2020-5225 was published for simplesamlphp/simplesamlphp (Composer) Jan 24, 2020

Internal exception message exposure for login action in Sylius Low

CVE-2019-16768 was published for sylius/sylius (Composer) Dec 5, 2019

SilverStripe Priviledge escalation through cache pollution Low

CVE-2019-12617 was published for silverstripe/framework (Composer) Nov 12, 2019

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

182 advisories