GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,027
Composer 4,062
Erlang 29
GitHub Actions 19
Go 1,889
Maven 5,089
npm 3,622
NuGet 638
pip 3,233
Pub 10
RubyGems 857
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,114

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,335 advisories

Filter by severity

Sort by

Least recently updated

Bootstrap Cross-Site Scripting (XSS) vulnerability Moderate

CVE-2024-6531 was published for bootstrap (RubyGems) Jul 11, 2024

Httpful is Missing Certificate Validation Moderate

GHSA-gcfg-hmwx-wq5h was published for nategood/httpful (Composer) Sep 9, 2024

Craft CMS vulnerable to stored XSS in breadcrumb list and title fields Moderate

CVE-2024-45406 was published for craftcms/cms (Composer) Sep 9, 2024

EC-CUBE Open redirect vulnerability Moderate

CVE-2018-16191 was published for ec-cube/ec-cube (Composer) May 14, 2022

Magento Open Source Path Traversal vulnerability Moderate

CVE-2024-39406 was published for magento/community-edition (Composer) Aug 14, 2024

Magento Open Source Cross-Site Request Forgery vulnerability Moderate

CVE-2024-39408 was published for magento/community-edition (Composer) Aug 14, 2024

Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate

CVE-2024-39409 was published for magento/community-edition (Composer) Aug 14, 2024

Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate

CVE-2024-39410 was published for magento/community-edition (Composer) Aug 14, 2024

Magento Open Source Improper Authorization vulnerability Moderate

CVE-2024-39412 was published for magento/community-edition (Composer) Aug 14, 2024

Concrete CMS Stored XSS in the "Next&Previous Nav" block Moderate

CVE-2024-8661 was published for concrete5/concrete5 (Composer) Sep 16, 2024

Previous 1 2 … 90 91 92 93 94 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,335 advisories