GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,367
Maven
5,000+
npm
3,986
NuGet
720
pip
3,778
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
275 advisories
Filter by severity
TYPO3 Cross-site scripting (XSS) vulnerability in the FORM content object
Low
CVE-2010-5098
was published
for
typo3/cms-frontend
(Composer)
May 17, 2022
TYPO3 Cross-Site Scripting vulnerability in the Install Tool
Low
CVE-2010-5100
was published
for
typo3/cms-install
(Composer)
May 17, 2022
TYPO3 Cross-site scripting (XSS) vulnerability in the click enlarge functionality
Low
CVE-2010-5097
was published
for
typo3/cms-frontend
(Composer)
May 17, 2022
typo3/cms-felogin Cross-site Scripting vulnerability
Low
CVE-2008-5656
was published
for
typo3/cms-felogin
(Composer)
May 17, 2022
phpMyAdmin cookie-attribute injection
Low
CVE-2016-5702
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Joomla! Cross-site Scripting vulnerability
Low
CVE-2013-5583
was published
for
joomla/joomla-cms
(Composer)
May 17, 2022
phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
Low
CVE-2013-5002
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
Low
CVE-2014-4986
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
concrete5 vulnerable to Cross-site Scripting
Low
CVE-2015-3989
was published
for
concrete5/concrete5
(Composer)
May 17, 2022
phpMyAdmin cross-site scripting Vulnerability via ENUM value
Low
CVE-2014-7217
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities
Low
CVE-2011-3592
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
Low
CVE-2011-3591
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
WEC Map (wec_map) extension for TYPO3 allows Cross-site Scripting
Low
CVE-2014-6296
was published
for
jbartels/wec-map
(Composer)
May 17, 2022
phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
Low
CVE-2012-4345
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin multiple cross-site scripting vulnerabilities
Low
CVE-2012-5339
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin vulnerable to Cross-site Scripting
Low
CVE-2011-4634
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Vulnerable to Cross-Site Scripting
Low
CVE-2011-1940
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Typo3 Backend XSS Vulnerabilities
Low
CVE-2012-1606
was published
for
typo3/cms
(Composer)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities
Low
CVE-2012-4579
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Joomla! vulnerable to Cross-site Scripting
Low
CVE-2011-4332
was published
for
joomla/joomla-cms
(Composer)
May 17, 2022
Drupal cross-site scripting vulnerability via actions feature and trigger module
Low
CVE-2010-3094
was published
for
drupal/drupal
(Composer)
May 17, 2022
Magento incorrect user permissions vulnerability within the Inventory component
Low
CVE-2020-24403
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition vulnerable to Improper Authorization
Low
CVE-2020-24404
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento information disclosure vulnerability
Low
CVE-2020-24406
was published
for
magento/community-edition
(Composer)
May 24, 2022
OpenCart Cross-Site Request Forgery (CSRF)
Low
CVE-2020-28838
was published
for
opencart/opencart
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API