Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

274 advisories

Loading
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1614 was published for moodle/moodle (Composer) May 13, 2022
Moodle doesn't properly check role Low
CVE-2010-1617 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-Site Scripting Low
CVE-2011-4299 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2011-4282 was published for moodle/moodle (Composer) May 13, 2022
PHPUnit extension for TYPO3 vulnerable to Cross-site Scripting Low
CVE-2013-4744 was published for oliverklee/phpunit (Composer) May 13, 2022
Piwik (now Matomo) Vulnerable to Cross-Site Scripting (XSS) Low
CVE-2013-1844 was published for matomo/matomo (Composer) May 13, 2022
phpMyAdmin cross-site scripting vulnerability in crafted view name Low
CVE-2014-5274 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
MantisBT Cross-site Scripting vulnerability Low
CVE-2010-2574 was published for mantisbt/mantisbt (Composer) May 14, 2022
SilverStripe vulnerable to Cross-site Scripting Low
CVE-2010-1593 was published for silverstripe/cms (Composer) May 14, 2022
Symfony Session Fixation Vulnerability Low
CVE-2015-8124 was published for symfony/security (Composer) May 14, 2022
TYPO3 cross-site scripting (XSS) Low
CVE-2015-5956 was published for typo3/cms (Composer) May 14, 2022
Typo3 XSS Vulnerabilities Low
CVE-2014-3943 was published for typo3/cms (Composer) May 14, 2022
TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase Framework Low
CVE-2013-7078 was published for typo3/cms-core (Composer) May 17, 2022
TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards component Low
CVE-2013-7074 was published for typo3/cms (Composer) May 17, 2022
Static Info Tables (static_info_tables) extension TYPO3 vulnerable to Cross-site Scripting Low
CVE-2013-5323 was published for sjbr/static-info-tables (Composer) May 17, 2022
Static Methods since 2007 (div2007) extension for TYPO3 vulnerable to Cross-site Scripting Low
CVE-2013-5100 was published for jambagecom/div2007 (Composer) May 17, 2022
Typo3 Backend History Module Vulnerable to XSS Low
CVE-2012-6145 was published for typo3/cms (Composer) May 17, 2022
Typo3 Backend API XSS Vulnerability Low
CVE-2012-6147 was published for typo3/cms (Composer) May 17, 2022
Typo3 Function Menu API XSS Vulnerability Low
CVE-2012-6148 was published for typo3/cms (Composer) May 17, 2022
powermail extension for TYPO3 has Cross-site Scripting vulnerability Low
CVE-2012-5889 was published for in2code/powermail (Composer) May 17, 2022
Basic SEO Features (seo_basics) extension TYPO3 vulnerable to Cross-site Scripting Low
CVE-2012-5888 was published for b13/seo_basics (Composer) May 17, 2022
Typo3 Backend Configuration XSS Vulnerability Low
CVE-2012-3529 was published for typo3/cms (Composer) May 17, 2022
Typo3 Backend XSS Vulnerability Low
CVE-2012-3528 was published for typo3/cms (Composer) May 17, 2022
phpMyAdmin Cross-site Scripting vulnerability Low
CVE-2011-4782 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Symphony CMS vulnerable to Cross-site Scripting Low
CVE-2011-4340 was published for symphonycms/symphony-2 (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database