Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
Symfony allows changing the environment through a query Moderate
CVE-2024-50340 was published for symfony/runtime (Composer) Nov 6, 2024
wouterj
Magento Open Source Improper Input Validation vulnerability Moderate
CVE-2024-45117 was published for magento/community-edition (Composer) Oct 10, 2024
Contao affected by insert tag injection via canonical URL Moderate
CVE-2024-45612 was published for contao/core-bundle (Composer) Sep 17, 2024
aschempp
Arbitrary File Creation in opencart Moderate
CVE-2024-21519 was published for opencart/opencart (Composer) Jun 22, 2024
Moodle broken access control when setting calendar event type Moderate
CVE-2024-33996 was published for moodle/moodle (Composer) May 31, 2024
TYPO3 Brute Force Protection Bypass in backend login Moderate
GHSA-jqr8-q455-xx45 was published for typo3/cms (Composer) May 30, 2024
Symfony has unsafe methods in the Request class Moderate
CVE-2015-2309 was published for symfony/http-foundation (Composer) May 30, 2024
Symfony has a security issue when parsing the Authorization header Moderate
CVE-2014-6061 was published for symfony/http-foundation (Composer) May 30, 2024
silverstripe/framework uploaded PHP script execution in assets Moderate
GHSA-f43j-8hq4-2xj9 was published for silverstripe/framework (Composer) May 27, 2024
Laravel Guard bypass in Eloquent models Moderate
GHSA-44pg-c29v-hp6r was published for laravel/framework (Composer) May 15, 2024
Laravel Risk of mass-assignment vulnerabilities Moderate
GHSA-rj3w-99gc-8j58 was published for laravel/framework (Composer) May 15, 2024
Laravel Risk of mass-assignment vulnerabilities Moderate
GHSA-cc2w-ghc5-m5qr was published for illuminate/database (Composer) May 15, 2024
Laravel does not properly constrain the host portion of a password-reset URL Moderate
CVE-2017-9303 was published for illuminate/auth (Composer) May 17, 2022
Symfony SSRF Vulnerability via Form Component Moderate
CVE-2017-16790 was published for symfony/form (Composer) May 14, 2022
Froxlor Information Disclosure Moderate
CVE-2020-10236 was published for froxlor/froxlor (Composer) May 24, 2022
GeniXCMS denial of service (account blockage) Moderate
CVE-2017-14231 was published for genix/cms (Composer) May 17, 2022
phpMyAdmin Improper Input Validation Moderate
CVE-2016-2562 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin Denial of Service (DoS) Moderate
CVE-2016-9860 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Moodle Incorrect sanitation of attributes in forums Moderate
CVE-2017-2576 was published for moodle/moodle (Composer) May 13, 2022
Moodle Private files uploaded via incoming mail processing could bypass quota restrictions Moderate
CVE-2019-10134 was published for moodle/moodle (Composer) May 24, 2022
Drupal file REST resource does not properly validate Moderate
CVE-2017-6921 was published for drupal/core (Composer) May 13, 2022
Drupal Denial of service via transliterate mechanism Moderate
CVE-2016-9452 was published for drupal/core (Composer) May 17, 2022
Contao Insert tag injection in forms Moderate
CVE-2020-25768 was published for contao/contao (Composer) Sep 24, 2020
Moodle arbitrary file read vulnerability Moderate
CVE-2023-28330 was published for moodle/moodle (Composer) Mar 23, 2023
Moodle does not properly validate module instance id Moderate
CVE-2006-4936 was published for moodle/moodle (Composer) May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database