Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

20,496 advisories

Loading
Magento 2 Community Edition Path Traversal Vulnerability High
CVE-2019-7859 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Unsafe File Upload High
CVE-2019-7861 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7862 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition IDOR Vulnerability High
CVE-2019-7854 was published for magento/community-edition (Composer) May 24, 2022
Magento Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-7857 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Cryptographic Flaw High
CVE-2019-7858 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Weak PRNG High
CVE-2019-7860 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7867 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7866 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition IDOR Vulnerability Moderate
CVE-2019-7864 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7851 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Cryptographic Flaw Moderate
CVE-2019-7855 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Path Disclosure Moderate
CVE-2019-7852 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Session Fixation Check High
CVE-2019-7849 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7853 was published for magento/community-edition (Composer) May 24, 2022
moodle Improper Access Control Moderate
CVE-2019-10189 was published for moodle/moodle (Composer) May 24, 2022
Moodle CSRF Vulnerability High
CVE-2019-10186 was published for moodle/moodle (Composer) May 24, 2022
moodle Improper Access Control Moderate
CVE-2019-10188 was published for moodle/moodle (Composer) May 24, 2022
Moodle Ability to delete glossary entries that belong to another glossary Moderate
CVE-2019-10187 was published for moodle/moodle (Composer) May 24, 2022
Cross-Site Request Forgery in Jolokia High
CVE-2018-10899 was published for org.jolokia:jolokia-core (Maven) May 24, 2022
Skytap Cloud CI Plugin stored credentials in plain text Moderate
CVE-2019-10366 was published for org.jenkins-ci.plugins:skytap (Maven) May 24, 2022
Improper Encoding or Escaping of Output in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10362 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Jenkins Maven Release Plug-in Plugin stored credentials in plain text Low
CVE-2019-10361 was published for org.jenkins-ci.plugins.m2release:m2release (Maven) May 24, 2022
Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10363 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Jenkins Maven Release Plugin vulnerable to Cross-site Scripting Moderate
CVE-2019-10360 was published for org.jenkins-ci.plugins.m2release:m2release (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database