GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,093
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,902
Maven 5,100
npm 3,631
NuGet 638
pip 3,246
Pub 10
RubyGems 863
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,442

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

63 advisories

Filter by severity

Sort by

Least recently updated

Contao affected by insert tag injection via canonical URL Moderate

CVE-2024-45612 was published for contao/core-bundle (Composer) Sep 17, 2024

Arbitrary File Creation in opencart Moderate

CVE-2024-21519 was published for opencart/opencart (Composer) Jun 22, 2024

Moodle broken access control when setting calendar event type Moderate

CVE-2024-33996 was published for moodle/moodle (Composer) May 31, 2024

TYPO3 Brute Force Protection Bypass in backend login Moderate

GHSA-jqr8-q455-xx45 was published for typo3/cms (Composer) May 30, 2024

Symfony has unsafe methods in the Request class Moderate

CVE-2015-2309 was published for symfony/http-foundation (Composer) May 30, 2024

Symfony has a security issue when parsing the Authorization header Moderate

CVE-2014-6061 was published for symfony/http-foundation (Composer) May 30, 2024

silverstripe/framework uploaded PHP script execution in assets Moderate

GHSA-f43j-8hq4-2xj9 was published for silverstripe/framework (Composer) May 27, 2024

Laravel Guard bypass in Eloquent models Moderate

GHSA-44pg-c29v-hp6r was published for laravel/framework (Composer) May 15, 2024

Laravel Risk of mass-assignment vulnerabilities Moderate

GHSA-rj3w-99gc-8j58 was published for laravel/framework (Composer) May 15, 2024

Laravel Risk of mass-assignment vulnerabilities Moderate

GHSA-cc2w-ghc5-m5qr was published for illuminate/database (Composer) May 15, 2024

Laravel does not properly constrain the host portion of a password-reset URL Moderate

CVE-2017-9303 was published for illuminate/auth (Composer) May 17, 2022

Symfony SSRF Vulnerability via Form Component Moderate

CVE-2017-16790 was published for symfony/form (Composer) May 14, 2022

Froxlor Information Disclosure Moderate

CVE-2020-10236 was published for froxlor/froxlor (Composer) May 24, 2022

GeniXCMS denial of service (account blockage) Moderate

CVE-2017-14231 was published for genix/cms (Composer) May 17, 2022

phpMyAdmin Improper Input Validation Moderate

CVE-2016-2562 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022

phpMyAdmin Denial of Service (DoS) Moderate

CVE-2016-9860 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022

Moodle Incorrect sanitation of attributes in forums Moderate

CVE-2017-2576 was published for moodle/moodle (Composer) May 13, 2022

Moodle Private files uploaded via incoming mail processing could bypass quota restrictions Moderate

CVE-2019-10134 was published for moodle/moodle (Composer) May 24, 2022

Drupal file REST resource does not properly validate Moderate

CVE-2017-6921 was published for drupal/core (Composer) May 13, 2022

Drupal Denial of service via transliterate mechanism Moderate

CVE-2016-9452 was published for drupal/core (Composer) May 17, 2022

Contao Insert tag injection in forms Moderate

CVE-2020-25768 was published for contao/contao (Composer) Sep 24, 2020

Moodle arbitrary file read vulnerability Moderate

CVE-2023-28330 was published for moodle/moodle (Composer) Mar 23, 2023

Moodle does not properly validate module instance id Moderate

CVE-2006-4936 was published for moodle/moodle (Composer) May 1, 2022

Magento 2 Community Edition Information Disclosure Moderate

CVE-2019-7898 was published for magento/community-edition (Composer) May 24, 2022

Magento 2 Community Edition Information Disclosure Moderate

CVE-2019-7899 was published for magento/community-edition (Composer) May 24, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

63 advisories