Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
phpMyAdmin Local file exposure through symlinks with UploadDir Moderate
CVE-2016-6613 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin Local file exposure Moderate
CVE-2016-6612 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin allows to detect if user is logged in Moderate
CVE-2016-6625 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
phpMyAdmin path disclosure Moderate
CVE-2016-9853 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Moodle Global search displays user names for unauthenticated users Moderate
CVE-2017-2643 was published for moodle/moodle (Composer) May 17, 2022
Moodle User fullname disclosure on user preferences page Moderate
CVE-2017-2642 was published for moodle/moodle (Composer) May 17, 2022
TYPO3 Sensitive Information Disclosure via escapeStrForLike method Moderate
CVE-2010-5104 was published for typo3/cms-core (Composer) May 17, 2022
phpMyAdmin vulnerable to XML external entity (XXE) injection attack Moderate
CVE-2011-4107 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
SimpleSAMLphp Unauthenticated encryption in CBC mode Moderate
CVE-2017-12870 was published for simplesamlphp/simplesamlphp (Composer) May 17, 2022
Fastly Magento2 sensitive information disclosure Moderate
CVE-2017-13761 was published for fastly/magento2 (Composer) May 17, 2022
Moodle sensitive information disclosure Moderate
CVE-2017-12157 was published for moodle/moodle (Composer) May 17, 2022
Laravel Sensitive Data Exposure Moderate
CVE-2017-14775 was published for illuminate/auth (Composer) May 17, 2022
G-Rath
Silverstripe CMS User Enumeration Moderate
CVE-2017-12849 was published for silverstripe/cms (Composer) May 17, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2017-15110 was published for moodle/moodle (Composer) May 17, 2022
Moodle Privilege escalation in quiz web services Moderate
CVE-2018-1044 was published for moodle/moodle (Composer) May 14, 2022
Moodle Portfolio forum caller class allows a user to download any file Moderate
CVE-2018-1135 was published for moodle/moodle (Composer) May 14, 2022
Converse.js Exposure of Sensitive Information Moderate
CVE-2018-6591 was published for converse.js (Composer) May 14, 2022
Sensitive Data Exposure in baserCMS Moderate
CVE-2018-0575 was published for baserproject/basercms (Composer) May 14, 2022
SimpleSAMLphp Information leakage issue in the sanitycheck module Moderate
CVE-2016-3124 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
DOMPDF Arbitrary File Read Moderate
CVE-2014-2383 was published for dompdf/dompdf (Composer) May 14, 2022
phpMyAdmin full path disclosure vulnerability Moderate
CVE-2016-5730 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Showdoc Forced Browsing Moderate
CVE-2018-19609 was published for showdoc/showdoc (Composer) May 14, 2022
Flarum Core Leaks PII Moderate
CVE-2018-19133 was published for flarum/framework (Composer) May 14, 2022
phpMyAdmin Local file inclusion through transformation feature Moderate
CVE-2018-19968 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
SimpleSAMLphp allows timing side-channel attacks Moderate
CVE-2017-12872 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API