Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

113,773 advisories

Loading
Drupal access bypass vulnerability Moderate
CVE-2017-6928 was published for drupal/core (Composer) May 13, 2022
Drupal core access bypass vulnerability Moderate
CVE-2017-6922 was published for drupal/core (Composer) May 13, 2022
Drupal Core Cross-site scripting vulnerability Moderate
CVE-2020-13688 was published for drupal/core (Composer) May 24, 2022
Drupal Core Access bypass vulnerability Moderate
CVE-2020-13667 was published for drupal/core (Composer) May 24, 2022
Drupal Core Open Redirect vulnerability Moderate
CVE-2020-13662 was published for drupal/core (Composer) May 24, 2022
Drupal Core Cross-site scripting vulnerability Moderate
CVE-2020-13666 was published for drupal/core (Composer) May 24, 2022
Drupal CRLF injection vulnerability in the drupal_set_header function Moderate
CVE-2016-3166 was published for drupal/core (Composer) May 17, 2022
Drupal Cross-site scripting (XSS) vulnerability Moderate
CVE-2016-7571 was published for drupal/core (Composer) May 17, 2022
Drupal Unprivileged access to config export Moderate
CVE-2016-7572 was published for drupal/core (Composer) May 17, 2022
Drupal sensitive information disclosure Moderate
CVE-2016-9449 was published for drupal/core (Composer) May 17, 2022
Drupal cross site scripting vulnerability Moderate
CVE-2017-6929 was published for drupal/core (Composer) May 14, 2022
Drupal external link injection vulnerability Moderate
CVE-2017-6932 was published for drupal/core (Composer) May 14, 2022
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information Moderate
CVE-2024-21733 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jan 19, 2024
westonsteimel
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could... Moderate Unreviewed
CVE-2024-21972 was published Apr 23, 2024
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could... Moderate Unreviewed
CVE-2024-21979 was published Apr 23, 2024
Joplin Cross Site Scripting Vulnerability via NOSCRIPT tags Moderate
CVE-2021-33295 was published for joplin (npm) Jun 17, 2022
Joplin Vulnerable to Cross-site Scripting in Note Content Moderate
CVE-2018-1000534 was published for joplin (npm) May 14, 2022
Joplin vulnerable to Cross-site Scripting in notes Moderate
CVE-2021-37916 was published for joplin (npm) May 24, 2022
Keycloak users may be able to remove MFA from other users' devices Moderate
CVE-2020-10686 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
Keycloak Insufficient Session Expiry Moderate
CVE-2020-1724 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
OpenCart Path Traversal Moderate
CVE-2018-11495 was published for opencart/opencart (Composer) May 14, 2022
QuickApps CMS Cross-site Scripting Moderate
CVE-2017-1000495 was published for quickapps/cms (Composer) May 14, 2022
Paymorrow Improper Input Validation vulnerability Moderate
CVE-2018-14020 was published for oxid-esales/paymorrow-module (Composer) May 13, 2022
Yab Quarx persistent cross-site scripting vulnerability Moderate
CVE-2018-7274 was published for yab/quarx (Composer) May 13, 2022
Drupal file REST resource does not properly validate Moderate
CVE-2017-6921 was published for drupal/core (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database