Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,747
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,748 advisories

Loading
Denial of Service via Cache Flooding Low
GHSA-p68v-frgx-4rjp was published for shopware/core (Composer) Oct 19, 2020
Authenticated XML External Entity Processing Moderate
GHSA-8xv9-qcr9-ww9j was published for shopware/core (Composer) Oct 19, 2020
dahua966
Ability to switch customer email address on account detail page and stay verified Moderate
CVE-2020-15245 was published for sylius/sylius (Composer) Oct 19, 2020
decemvre
Inline attribute values were not processed. High
CVE-2020-15263 was published for orchid/platform (Composer) Oct 19, 2020
XSS vulnerability when listing users on add & modify server pages. Moderate
GHSA-5822-pw57-vv37 was published for pterodactyl/panel (Composer) Oct 8, 2020
sergejostir
Cross-Site Scripting in ternary conditional operator Moderate
CVE-2020-15241 was published for typo3/cms (Composer) Oct 8, 2020
billdagou NamelessCoder
Potential Remote Code Execution vulnerability High
CVE-2020-15227 was published for nette/application (Composer) Oct 2, 2020
Contao Insert tag injection in forms Moderate
CVE-2020-25768 was published for contao/contao (Composer) Sep 24, 2020
Non-persistent XSS in the Storefront in Shopware Low
GHSA-qvhr-55hg-3qwv was published for shopware/core (Composer) Sep 23, 2020
z1tr0t3c
RCE in Third Party Library in Shopware Low
GHSA-qvc5-cfrr-384v was published for shopware/core (Composer) Sep 23, 2020
patpilus
Unsafe deserialization in Yii 2 High
CVE-2020-15148 was published for yiisoft/yii2 (Composer) Sep 15, 2020
nt0xa
Potential XSS injection In PrestaShop contactform High
CVE-2020-15178 was published for prestashop/contactform (Composer) Sep 15, 2020
personnummer/php vulnerable to Improper Input Validation Low
GHSA-2p6g-gjp8-ggg9 was published for personnummer/personnummer (Composer) Sep 9, 2020
Information Disclosure in TYPO3 extension sf_event_mgt Moderate
CVE-2020-25026 was published for derhansen/sf_event_mgt (Composer) Sep 2, 2020
derhansen
RCE in Symfony High
CVE-2020-15094 was published for symfony/http-kernel (Composer) Sep 2, 2020
mpdude stof
DataTable Vulnerable to Cross-Site Scripting High
CVE-2015-6584 was published for datatables (Composer) Aug 31, 2020
Cross Site Scripting and RCE in baserCMS Low
CVE-2020-15159 was published for baserproject/basercms (Composer) Aug 28, 2020
stypr
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings Low
CVE-2020-15155 was published for baserproject/basercms (Composer) Aug 28, 2020
Aquilao
Cross Site Scripting in baserCMS Low
CVE-2020-15154 was published for baserproject/basercms (Composer) Aug 28, 2020
Aquilao
Remote Code Execution in SyliusResourceBundle High
CVE-2020-15143 was published for sylius/resource-bundle (Composer) Aug 19, 2020
isometriks tdunlap607
Remote Code Execution in SyliusResourceBundle Critical
CVE-2020-15146 was published for sylius/resource-bundle (Composer) Aug 19, 2020
isometriks tdunlap607
Observable Timing Discrepancy in OpenMage LTS High
CVE-2020-15151 was published for openmage/magento-lts (Composer) Aug 19, 2020
Flyingmana theroch
Reset Password / Login vulnerability in Sulu Moderate
CVE-2020-15132 was published for sulu/sulu (Composer) Aug 5, 2020
Synacktiv-contrib TomKeur
Prokyonn
Reliance on Cookies without validation in OctoberCMS Moderate
CVE-2020-15128 was published for october/rain (Composer) Aug 5, 2020
Stored XSS in October Low
CVE-2020-11083 was published for october/backend (Composer) Aug 5, 2020
staz0t
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database