GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
157 advisories
Filter by severity
Moodle Glossary search displays entries without checking user permissions to view them
Moderate
CVE-2016-5012
was published
for
moodle/moodle
(Composer)
May 17, 2022
phpMyAdmin Local file exposure
Moderate
CVE-2016-6612
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Local file exposure through symlinks with UploadDir
Moderate
CVE-2016-6613
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin allows to detect if user is logged in
Moderate
CVE-2016-6625
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin path disclosure
Moderate
CVE-2016-9853
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Moodle Global search displays user names for unauthenticated users
Moderate
CVE-2017-2643
was published
for
moodle/moodle
(Composer)
May 17, 2022
Moodle User fullname disclosure on user preferences page
Moderate
CVE-2017-2642
was published
for
moodle/moodle
(Composer)
May 17, 2022
TYPO3 Sensitive Information Disclosure via escapeStrForLike method
Moderate
CVE-2010-5104
was published
for
typo3/cms-core
(Composer)
May 17, 2022
phpMyAdmin vulnerable to XML external entity (XXE) injection attack
Moderate
CVE-2011-4107
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
SimpleSAMLphp Unauthenticated encryption in CBC mode
Moderate
CVE-2017-12870
was published
for
simplesamlphp/simplesamlphp
(Composer)
May 17, 2022
Fastly Magento2 sensitive information disclosure
Moderate
CVE-2017-13761
was published
for
fastly/magento2
(Composer)
May 17, 2022
Moodle sensitive information disclosure
Moderate
CVE-2017-12157
was published
for
moodle/moodle
(Composer)
May 17, 2022
Laravel Sensitive Data Exposure
Moderate
CVE-2017-14775
was published
for
illuminate/auth
(Composer)
May 17, 2022
Silverstripe CMS User Enumeration
Moderate
CVE-2017-12849
was published
for
silverstripe/cms
(Composer)
May 17, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2017-15110
was published
for
moodle/moodle
(Composer)
May 17, 2022
Moodle Privilege escalation in quiz web services
Moderate
CVE-2018-1044
was published
for
moodle/moodle
(Composer)
May 14, 2022
Moodle Portfolio forum caller class allows a user to download any file
Moderate
CVE-2018-1135
was published
for
moodle/moodle
(Composer)
May 14, 2022
Converse.js Exposure of Sensitive Information
Moderate
CVE-2018-6591
was published
for
converse.js
(Composer)
May 14, 2022
Sensitive Data Exposure in baserCMS
Moderate
CVE-2018-0575
was published
for
baserproject/basercms
(Composer)
May 14, 2022
SimpleSAMLphp Information leakage issue in the sanitycheck module
Moderate
CVE-2016-3124
was published
for
simplesamlphp/simplesamlphp
(Composer)
May 14, 2022
DOMPDF Arbitrary File Read
Moderate
CVE-2014-2383
was published
for
dompdf/dompdf
(Composer)
May 14, 2022
phpMyAdmin full path disclosure vulnerability
Moderate
CVE-2016-5730
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 14, 2022
Showdoc Forced Browsing
Moderate
CVE-2018-19609
was published
for
showdoc/showdoc
(Composer)
May 14, 2022
Flarum Core Leaks PII
Moderate
CVE-2018-19133
was published
for
flarum/framework
(Composer)
May 14, 2022
phpMyAdmin Local file inclusion through transformation feature
Moderate
CVE-2018-19968
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API