GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4,454 advisories

Laravel has a File Validation Bypass Moderate
CVE-2025-27515 was published for laravel/framework (Composer) Mar 5, 2025
Jusb3 TrixterTheTux
Volt Allows RCE Via User-Crafted Requests Critical
CVE-2025-27517 was published for livewire/volt (Composer) Mar 5, 2025
angelej
REDAXO allows Arbitrary File Upload in the mediapool page Moderate
CVE-2025-27411 was published for redaxo/source (Composer) Mar 5, 2025
0xadik
User account enumeration in eZ Publish Ibexa Kernel Moderate
CVE-2021-46876 was published for ezsystems/ezpublish-kernel (Composer) Mar 12, 2023
REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation Moderate
CVE-2025-27412 was published for redaxo/source (Composer) Mar 5, 2025
0xadik
IDOR vulnerability in account profile page Moderate
CVE-2024-39319 was published for aimeos/ai-controller-frontend (Composer) Sep 26, 2024
ssshah2131
SQL Injection in Funadmin Critical
CVE-2023-24775 was published for funadmin/funadmin (Composer) Mar 7, 2023
Cross Site Scripting in eZ Platform Ibexa Kernel Moderate
CVE-2021-46875 was published for ezsystems/ezplatform-kernel (Composer) Mar 12, 2023
Magento Open Source allows Improper Input Validation High
CVE-2024-20758 was published for magento/community-edition (Composer) Apr 10, 2024
Magento Open Source allows Cross-Site Scripting (XSS) Moderate
CVE-2024-20759 was published for magento/community-edition (Composer) Apr 10, 2024
Magento Open Source allows OS Command Injection High
CVE-2024-20720 was published for magento/community-edition (Composer) Feb 15, 2024
Magento Open Source allows Cross-Site Scripting (XSS) High
CVE-2024-20719 was published for magento/community-edition (Composer) Feb 15, 2024
Magento Open Source allows Cross-Site Request Forgery (CSRF) Moderate
CVE-2024-20718 was published for magento/community-edition (Composer) Feb 15, 2024
Magento Open Source allows Uncontrolled Resource Consumption Moderate
CVE-2024-20716 was published for magento/community-edition (Composer) Feb 15, 2024
Magento Open Source allows Uncontrolled Resource Consumption Moderate
CVE-2023-38251 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows SQL Injection Moderate
CVE-2023-38250 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows SQL Injection Moderate
CVE-2023-38249 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows SQL Injection Moderate
CVE-2023-38221 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows Improper Authorization Moderate
CVE-2023-38220 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows Cross-Site Scripting (XSS) Low
CVE-2023-38219 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows Incorrect Authorization Moderate
CVE-2023-38218 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source has Improper Input Validation Vulnerability Moderate
CVE-2023-26367 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows Incorrect Authorization Low
CVE-2023-29296 was published for magento/community-edition (Composer) Jun 15, 2023
Magento Open Source allows Server-Side Request Forgery (SSRF) Moderate
CVE-2023-26366 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source affected by Improper Input Validation Moderate
CVE-2022-24093 was published for magento/community-edition (Composer) Sep 18, 2023