Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
Sensitive Data Exposure in elFinder Moderate
CVE-2019-5884 was published for studio-42/elfinder (Composer) May 13, 2022
TYPO3 Backend Discloses Encryption Key Moderate
CVE-2009-3628 was published for typo3/cms-backend (Composer) May 2, 2022
Moodle included private user files in course backups Moderate
CVE-2012-1159 was published for moodle/moodle (Composer) Apr 23, 2022
Typo3 Information Disclosure Moderate
CVE-2011-4900 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Arbitrary Information Disclosure Moderate
CVE-2011-4901 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Information Disclosure Moderate
CVE-2011-4627 was published for typo3/cms (Composer) Apr 22, 2022
TYPO3 is vulnerable to Information Disclosure in the HTML mailing API Moderate
CVE-2010-3673 was published for typo3/cms-core (Composer) Apr 21, 2022
TYPO3 is vulnerable to Information Disclosure on the backend Moderate
CVE-2010-3664 was published for typo3/cms-backend (Composer) Apr 21, 2022
Sensitive Information Exposure in Sylius Moderate
CVE-2022-24742 was published for sylius/sylius (Composer) Mar 14, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32477 was published for moodle/moodle (Composer) Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32472 was published for moodle/moodle (Composer) Mar 12, 2022
Moodle Information Disclosure vulnerability Moderate
CVE-2021-32473 was published for moodle/moodle (Composer) Mar 12, 2022
HTTP caching is marking private HTTP headers as public in Shopware Moderate
CVE-2022-24747 was published for shopware/core (Composer) Mar 10, 2022
UlrichThomasGabor
Exposure of Sensitive Information to an Unauthorized Actor in librenms Moderate
CVE-2022-0588 was published for librenms/librenms (Composer) Feb 16, 2022
Exposure of Sensitive Information in snipe/snipe-it Moderate
CVE-2022-0569 was published for snipe/snipe-it (Composer) Feb 15, 2022
Exposure of Sensitive Information to an Unauthorized Actor in pimcore Moderate
CVE-2022-0565 was published for pimcore/pimcore (Composer) Feb 15, 2022
Password exposure in concrete5/core Moderate
CVE-2021-22951 was published for concrete5/core (Composer) Nov 23, 2021
Exposure of sensitive information in concrete5/core Moderate
CVE-2021-22967 was published for concrete5/core (Composer) Nov 23, 2021
Exposure of Sensitive Information to an Unauthorized Actor in Moodle Moderate
CVE-2020-25703 was published for moodle/moodle (Composer) Oct 21, 2021
Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32716 was published for shopware/platform (Composer) Sep 8, 2021
Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32712 was published for shopware/shopware (Composer) Sep 8, 2021
Exposed phpinfo() leadked via documentation files Moderate
CVE-2021-37704 was published for phpfastcache/phpfastcache (Composer) Aug 30, 2021
Geolim4
List of order ids, number, items total and token value exposed for unauthorized uses via new API Moderate
CVE-2021-32720 was published for sylius/sylius (Composer) Jun 29, 2021
nickvanderzwet
Prevent user enumeration using Guard or the new Authenticator-based Security Moderate
CVE-2021-21424 was published for lexik/jwt-authentication-bundle (Composer) May 13, 2021
jamesisaac mbrodala
chalasr
Moodle allowed some users without permission to view other users' full names Moderate
CVE-2021-20281 was published for moodle/moodle (Composer) Mar 29, 2021
ProTip! Advisories are also available from the GraphQL API