GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
171 advisories
Filter by severity
October CMS safe mode bypass using Page template injection
Moderate
CVE-2023-44381
was published
for
october/system
(Composer)
Nov 29, 2023
Statamic CMS vulnerable to remote code execution via form uploads
High
CVE-2023-48217
was published
for
statamic/cms
(Composer)
Nov 14, 2023
Moodle Code Injection vulnerability
Moderate
CVE-2023-5550
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
Moodle Code Injection vulnerability
High
CVE-2023-5540
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
Subrion remote command execution vulnerability
High
CVE-2023-46947
was published
for
intelliants/subrion
(Composer)
Nov 3, 2023
LibreNMS Code Injection vulnerability
Moderate
CVE-2023-4977
was published
for
librenms/librenms
(Composer)
Sep 15, 2023
teampass vulnerable to code injection
High
CVE-2023-2591
was published
for
nilsteampassnet/teampass
(Composer)
May 9, 2023
Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4
Critical
CVE-2023-32692
was published
for
codeigniter4/framework
(Composer)
May 22, 2023
TeamPass Code Injection vulnerability
Critical
CVE-2023-3551
was published
for
nilsteampassnet/teampass
(Composer)
Jul 8, 2023
Moodle Code Injection vulnerability
Moderate
CVE-2023-5539
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
baserCMS Code Injection Vulnerability in Mail Form Feature
Moderate
CVE-2023-43792
was published
for
baserproject/basercms
(Composer)
Oct 26, 2023
Command injection in pagekit
High
CVE-2023-41005
was published
for
pagekit/pagekit
(Composer)
Aug 29, 2023
Economizzer host header injection vulnerability
High
CVE-2023-38877
was published
for
gugoan/economizzer
(Composer)
Sep 28, 2023
Code injection in nilsteampassnet/teampass
High
CVE-2023-2859
was published
for
nilsteampassnet/teampass
(Composer)
May 24, 2023
Grav Server Side Template Injection (SSTI) vulnerability
Critical
CVE-2023-34251
was published
for
getgrav/grav
(Composer)
Jun 16, 2023
Cachet vulnerable to Authenticated Remote Code Execution
Critical
CVE-2023-43661
was published
for
cachethq/cachet
(Composer)
Oct 16, 2023
Grav Server-side Template Injection (SSTI) via Twig Default Filters
High
CVE-2023-34252
was published
for
getgrav/grav
(Composer)
Jun 16, 2023
Grav Server-side Template Injection (SSTI) via Denylist Bypass Vulnerability
High
CVE-2023-34253
was published
for
getgrav/grav
(Composer)
Jun 16, 2023
PHPMailer vulnerable to email header injection
High
CVE-2012-0796
was published
for
phpmailer/phpmailer
(Composer)
Oct 6, 2022
nterchange Code Injection vulnerability
Critical
CVE-2015-10009
was published
for
nonfiction/nterchange
(Composer)
Jan 2, 2023
PrestaShop PHP Object Injection
High
CVE-2018-20717
was published
for
prestashop/prestashop
(Composer)
May 14, 2022
SEOmatic plugin for Craft CMS SSTI Vulnerability
High
CVE-2018-14716
was published
for
nystudio107/craft-seomatic
(Composer)
May 13, 2022
Craft CMS Remote Code Injection
Critical
CVE-2021-27903
was published
for
craftcms/cms
(Composer)
Jul 2, 2021
Centreon RCE Vulnerability
Critical
CVE-2018-11587
was published
for
centreon/centreon
(Composer)
May 14, 2022
phpMyAdmin Remote Code Execution
High
CVE-2013-3239
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API