Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

24,577 advisories

Loading
Shopware vulnerable to Improper Input Validation of Clearance sale in cart Moderate
CVE-2023-22730 was published for shopware/core (Composer) Jan 17, 2023
JoshuaBehrens aragon999
Credited to JoshuaBehrens and aragon999
Sisimai Inefficient Regular Expression Complexity vulnerability Moderate
CVE-2022-4891 was published for sisimai (RubyGems) Jan 17, 2023
Code injection in ruby git High
CVE-2022-47318 was published for git (RubyGems) Jan 17, 2023
pgAdmin 4 Open Redirect vulnerability Moderate
CVE-2023-22298 was published for pgadmin4 (pip) Jan 17, 2023
simplesamlphp-module-openidprovider Cross Site Scripting vulnerability Moderate
CVE-2010-10008 was published for simplesamlphp/simplesamlphp-module-openidprovider (Composer) Jan 17, 2023
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints High
CVE-2022-43719 was published for apache-superset (pip) Jan 16, 2023
Apache Superset is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2022-43718 was published for apache-superset (pip) Jan 16, 2023
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection Moderate
CVE-2022-41703 was published for apache-superset (pip) Jan 16, 2023
SQL Injection in liftkit/database Critical
CVE-2016-15020 was published for liftkit/database (Composer) Jan 16, 2023
Apache Superset vulnerable to Cross-site Scripting Moderate
CVE-2022-43717 was published for apache-superset (pip) Jan 16, 2023
Apache Superset Open Redirect vulnerability Moderate
CVE-2022-43721 was published for apache-superset (pip) Jan 16, 2023
Apache Superset has Improper Access Control Moderate
CVE-2022-45438 was published for apache-superset (pip) Jan 16, 2023
Apache Superset vulnerable to Injection Moderate
CVE-2022-43720 was published for apache-superset (pip) Jan 16, 2023
curupira is vulnerable to SQL injection Critical
CVE-2015-10053 was published for curupira (RubyGems) Jan 16, 2023
Froxlor is vulnerable to path traversal Moderate
CVE-2023-0316 was published for froxlor/froxlor (Composer) Jan 16, 2023
Froxlor vulnerable to Command Injection High
CVE-2023-0315 was published for froxlor/froxlor (Composer) Jan 16, 2023
phpMyFAQ Stored Cross-site Scripting vulnerability Moderate
CVE-2023-0308 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ Stored Cross-site Scripting vulnerability Moderate
CVE-2023-0306 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ has Weak Password Requirements Moderate
CVE-2023-0307 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ Stored Cross-site Scripting vulnerability Moderate
CVE-2023-0310 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ Improper Authentication vulnerability Critical
CVE-2023-0311 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ Stored Cross-site Scripting vulnerability Moderate
CVE-2023-0309 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
thorsten/phpmyfaq is vulnerable to cross-site scripting (XSS) Moderate
CVE-2023-0312 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ Stored Cross-site Scripting vulnerability Moderate
CVE-2023-0313 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
phpMyFAQ Reflected Cross-site Scripting vulnerability Moderate
CVE-2023-0314 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database