Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

171 advisories

Loading
Magento Remote code execution through catalog attribute sets High
CVE-2019-8231 was published for magento/core (Composer) May 24, 2022
Magento Remote code execution through support/output path modification High
CVE-2019-8230 was published for magento/core (Composer) May 24, 2022
Yii Framework Code Injection High
CVE-2018-8074 was published for yiisoft/yii2-dev (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability High
CVE-2019-7932 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE High
CVE-2019-7942 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability High
CVE-2019-7903 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Unsafe File Upload High
CVE-2019-7871 was published for magento/community-edition (Composer) May 24, 2022
Dolibarr ERP and CRM Code Injection High
CVE-2019-11201 was published for dolibarr/dolibarr (Composer) May 24, 2022
DOMPDF Remote Code Execution High
CVE-2014-5013 was published for dompdf/dompdf (Composer) May 17, 2022
DOMPDF Remote File Inclusion Vulnerability High
CVE-2010-4879 was published for dompdf/dompdf (Composer) May 17, 2022
phpMyAdmin Remote Code Execution High
CVE-2013-3239 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Pimcore Vulnerable to PHP Object Injection Attacks High
CVE-2014-2921 was published for pimcore/pimcore (Composer) May 17, 2022
Yii PHP Framework arbitrary PHP scripts execution High
CVE-2014-4672 was published for yiisoft/yii (Composer) May 17, 2022
Drupal arbitrary code execution High
CVE-2016-3171 was published for drupal/core (Composer) May 17, 2022
Slim vulnerable to PHP object injection High
CVE-2015-2171 was published for slim/slim (Composer) May 17, 2022
Symfony Vulnerable to PHP Eval Injection Moderate
CVE-2015-2308 was published for symfony/http-kernel (Composer) May 17, 2022
phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension High
CVE-2016-6633 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Authenticated RCE in Zen Cart 1.5.5e High
CVE-2017-11675 was published for zencart/zencart (Composer) May 17, 2022
Symphony Vulnerable to PHP Code Injection via YAML Parsing High
CVE-2013-1348 was published for symfony/symfony (Composer) May 17, 2022
Symfony Arbitrary PHP code Execution High
CVE-2013-1397 was published for symfony/symfony (Composer) May 17, 2022
Smarty arbitrary PHP code execution High
CVE-2014-8350 was published for smarty/smarty (Composer) May 17, 2022
GeniXCMS arbitrary PHP code execution High
CVE-2017-14764 was published for genix/cms (Composer) May 17, 2022
Zeta Components Mail Arbitrary code execution via a crafted email address High
CVE-2017-15806 was published for zetacomponents/mail (Composer) May 17, 2022
Smarty PHP code injection Critical
CVE-2017-1000480 was published for smarty/smarty (Composer) May 14, 2022
yii2-redis Potential Remote code execution Critical
CVE-2018-8073 was published for yiisoft/yii2-redis (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database