GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
157 advisories
Filter by severity
Moodle sensitive information disclosure
Moderate
CVE-2016-3732
was published
for
moodle/moodle
(Composer)
May 13, 2022
Sensitive Data Exposure in elFinder
Moderate
CVE-2019-5884
was published
for
studio-42/elfinder
(Composer)
May 13, 2022
TYPO3 Backend Discloses Encryption Key
Moderate
CVE-2009-3628
was published
for
typo3/cms-backend
(Composer)
May 2, 2022
Moodle included private user files in course backups
Moderate
CVE-2012-1159
was published
for
moodle/moodle
(Composer)
Apr 23, 2022
Typo3 Information Disclosure
Moderate
CVE-2011-4900
was published
for
typo3/cms
(Composer)
Apr 22, 2022
Typo3 Arbitrary Information Disclosure
Moderate
CVE-2011-4901
was published
for
typo3/cms
(Composer)
Apr 22, 2022
Typo3 Information Disclosure
Moderate
CVE-2011-4627
was published
for
typo3/cms
(Composer)
Apr 22, 2022
TYPO3 is vulnerable to Information Disclosure in the HTML mailing API
Moderate
CVE-2010-3673
was published
for
typo3/cms-core
(Composer)
Apr 21, 2022
TYPO3 is vulnerable to Information Disclosure on the backend
Moderate
CVE-2010-3664
was published
for
typo3/cms-backend
(Composer)
Apr 21, 2022
Sensitive Information Exposure in Sylius
Moderate
CVE-2022-24742
was published
for
sylius/sylius
(Composer)
Mar 14, 2022
Moodle Information Disclosure vulnerability
Moderate
CVE-2021-32473
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32477
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32472
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
HTTP caching is marking private HTTP headers as public in Shopware
Moderate
CVE-2022-24747
was published
for
shopware/core
(Composer)
Mar 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in librenms
Moderate
CVE-2022-0588
was published
for
librenms/librenms
(Composer)
Feb 16, 2022
Exposure of Sensitive Information to an Unauthorized Actor in pimcore
Moderate
CVE-2022-0565
was published
for
pimcore/pimcore
(Composer)
Feb 15, 2022
Exposure of Sensitive Information in snipe/snipe-it
Moderate
CVE-2022-0569
was published
for
snipe/snipe-it
(Composer)
Feb 15, 2022
Password exposure in concrete5/core
Moderate
CVE-2021-22951
was published
for
concrete5/core
(Composer)
Nov 23, 2021
Exposure of sensitive information in concrete5/core
Moderate
CVE-2021-22967
was published
for
concrete5/core
(Composer)
Nov 23, 2021
Exposure of Sensitive Information to an Unauthorized Actor in Moodle
Moderate
CVE-2020-25703
was published
for
moodle/moodle
(Composer)
Oct 21, 2021
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32716
was published
for
shopware/platform
(Composer)
Sep 8, 2021
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32712
was published
for
shopware/shopware
(Composer)
Sep 8, 2021
Exposed phpinfo() leadked via documentation files
Moderate
CVE-2021-37704
was published
for
phpfastcache/phpfastcache
(Composer)
Aug 30, 2021
List of order ids, number, items total and token value exposed for unauthorized uses via new API
Moderate
CVE-2021-32720
was published
for
sylius/sylius
(Composer)
Jun 29, 2021
Prevent user enumeration using Guard or the new Authenticator-based Security
Moderate
CVE-2021-21424
was published
for
lexik/jwt-authentication-bundle
(Composer)
May 13, 2021
ProTip!
Advisories are also available from the
GraphQL API