GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

172 advisories

Magento 2 Community Edition RCE Vulnerability High
CVE-2019-7932 was published for magento/community-edition (Composer) May 24, 2022
TYPO3 Backend Command Injection via Shell Metacharacters in Uploaded File Name High
CVE-2009-3631 was published for typo3/cms-backend (Composer) May 2, 2022
Arbitrary Code Execution in Processwire High
CVE-2023-24676 was published for processwire/processwire (Composer) Jan 24, 2024
Symfony Arbitrary PHP code Execution High
CVE-2013-1397 was published for symfony/symfony (Composer) May 17, 2022
PHP Code Injection by malicious function name in smarty Critical
CVE-2021-26120 was published for smarty/smarty (Composer) Feb 26, 2021
stevenseeley
Mustache remote code injection vulnerability High
CVE-2022-0323 was published for mustache/mustache (Composer) Jan 27, 2022
Remote Code Execution vulnerability in PHPMailer 6.4.1 running on Windows High
CVE-2021-34551 was published for phpmailer/phpmailer (Composer) Jun 22, 2021
Potential Remote Code Execution vulnerability High
CVE-2020-15227 was published for nette/application (Composer) Oct 2, 2020
DOMPDF Remote Code Execution High
CVE-2014-5013 was published for dompdf/dompdf (Composer) May 17, 2022
Yii Framework Code Injection High
CVE-2018-8074 was published for yiisoft/yii2-dev (Composer) May 24, 2022
Code injection in Twig High
CVE-2022-23614 was published for twig/twig (Composer) Feb 10, 2022
Moodle vulnerable to PHP object injection attacks High
CVE-2014-3541 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Symfony Unsafe Cache Serialization Could Enable RCE Critical
CVE-2019-18889 was published for symfony/cache (Composer) Dec 2, 2019
Moodle XML import of ddwtos could lead to intentional remote code execution High
CVE-2018-14630 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle remote code execution via quiz questions Moderate
CVE-2014-3545 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Remote CLI Command Execution Vulnerability in CodeIgniter4 Critical
CVE-2022-24711 was published for codeigniter4/framework (Composer) Mar 1, 2022
iRedds
Missing input validation can lead to command execution in composer High
CVE-2022-24828 was published for composer/composer (Composer) Apr 22, 2022
thomas-chauchefoin-sonarsource
phpMyAdmin remote variable manipulation Moderate
CVE-2011-2505 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
phpMyAdmin vulnerable to static code injection High
CVE-2011-2506 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
ImpressPages CMS RCE Critical
CVE-2011-4943 was published for impresspages/impresspages (Composer) Apr 22, 2022
Magento php object injection vulnerability Critical
CVE-2020-9664 was published for magento/core (Composer) May 24, 2022
Magento Remote code execution through catalog attribute sets High
CVE-2019-8231 was published for magento/core (Composer) May 24, 2022
Magento Remote code execution through support/output path modification High
CVE-2019-8230 was published for magento/core (Composer) May 24, 2022
Craft CMS Remote Code Execution vulnerability Critical
CVE-2023-41892 was published for craftcms/cms (Composer) Sep 13, 2023
zonia3000