Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
Shopware vulnerable to Improper Control of Generation of Code in Twig rendered views Critical
CVE-2023-22731 was published for shopware/core (Composer) Jan 17, 2023
Code Injection in SEOmatic Critical
CVE-2021-41749 was published for nystudio107/craft-seomatic (Composer) Jun 13, 2022
Badaso vulnerable to Remote Code Execution (RCE) Critical
CVE-2022-41705 was published for badaso/core (Composer) Nov 25, 2022
RCE vulnerability in Pimcore/Mail & Dynamic Text Layout Critical
CVE-2022-39365 was published for pimcore/pimcore (Composer) Oct 29, 2022
nth347
Potential Code Injection in Sprout Forms Critical
CVE-2020-11056 was published for barrelstrength/sprout-base-email (Composer) May 8, 2020
llamaonsecurity
Unauthenticated remote code execution in Ignition Critical
CVE-2021-3129 was published for facade/ignition (Composer) Mar 29, 2021
Code injection in codiad Critical
CVE-2019-19208 was published for codiad/codiad (Composer) Sep 1, 2021
Server Side Twig Template Injection Critical
CVE-2022-21686 was published for prestashop/prestashop (Composer) Jan 27, 2022
Brum3ns
Code Injection in thorsten/phpmyfaq Critical
CVE-2023-0788 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
Remote code execution in Funadmin Critical
CVE-2023-24776 was published for funadmin/funadmin (Composer) Mar 6, 2023
Zenario CMS is vulnerable to Remote Code Execution (RCE). Critical
CVE-2022-44136 was published for tribalsystems/zenario (Composer) Nov 30, 2022
tdunlap607
Centreon RCE Vulnerability Critical
CVE-2018-11587 was published for centreon/centreon (Composer) May 14, 2022
Craft CMS Remote Code Injection Critical
CVE-2021-27903 was published for craftcms/cms (Composer) Jul 2, 2021
nterchange Code Injection vulnerability Critical
CVE-2015-10009 was published for nonfiction/nterchange (Composer) Jan 2, 2023
Cachet vulnerable to Authenticated Remote Code Execution Critical
CVE-2023-43661 was published for cachethq/cachet (Composer) Oct 16, 2023
rive-n
Grav Server Side Template Injection (SSTI) vulnerability Critical
CVE-2023-34251 was published for getgrav/grav (Composer) Jun 16, 2023
scgajge12
TeamPass Code Injection vulnerability Critical
CVE-2023-3551 was published for nilsteampassnet/teampass (Composer) Jul 8, 2023
Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4 Critical
CVE-2023-32692 was published for codeigniter4/framework (Composer) May 22, 2023
October CMS safe mode bypass using Twig sandbox escape Critical
CVE-2023-44382 was published for october/system (Composer) Nov 29, 2023
whatev3n
Craft CMS Remote Code Execution vulnerability Critical
CVE-2023-41892 was published for craftcms/cms (Composer) Sep 13, 2023
zonia3000
Magento php object injection vulnerability Critical
CVE-2020-9664 was published for magento/core (Composer) May 24, 2022
ImpressPages CMS RCE Critical
CVE-2011-4943 was published for impresspages/impresspages (Composer) Apr 22, 2022
Remote CLI Command Execution Vulnerability in CodeIgniter4 Critical
CVE-2022-24711 was published for codeigniter4/framework (Composer) Mar 1, 2022
iRedds
Symfony Unsafe Cache Serialization Could Enable RCE Critical
CVE-2019-18889 was published for symfony/cache (Composer) Dec 2, 2019
Code Injection in PHPUnit Critical
CVE-2017-9841 was published for phpunit/phpunit (Composer) Mar 26, 2022
donatj
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database