GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,464 advisories
Filter by severity
ezplatform-admin-ui vulnerable to Cross-Site Scripting (XSS)
Critical
GHSA-58h5-h554-429q
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
Nov 10, 2022
Cross-site scripting in SimpleSAMLphp
Low
CVE-2020-5226
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
XSS in enshrined/svg-sanitize due to mishandled script and data values in attributes
High
CVE-2019-18857
was published
for
enshrined/svg-sanitize
(Composer)
Jan 8, 2020
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony
Critical
CVE-2019-10913
was published
for
symfony/http-foundation
(Composer)
Dec 2, 2019
Persistent XSS vulnerability in filename of attached file in PrivateBin
Moderate
CVE-2020-5223
was published
for
privatebin/privatebin
(Composer)
Jan 14, 2020
Cross-Site Scripting in BookStack
Moderate
CVE-2020-11055
was published
for
ssddanbrown/bookstack
(Composer)
May 7, 2020
Cross-site scripting in PHPMailer
Moderate
CVE-2017-11503
was published
for
phpmailer/phpmailer
(Composer)
Mar 5, 2020
Sanitizer bypass in svg-sanitizer
Moderate
CVE-2019-10772
was published
for
enshrined/svg-sanitize
(Composer)
Feb 27, 2020
Cross-Site Scripting in SVG Sanitizer
Moderate
CVE-2020-11070
was published
for
t3g/svg-sanitizer
(Composer)
May 13, 2020
Cross-site Scripting in October
Low
CVE-2020-4061
was published
for
october/backend
(Composer)
Jul 2, 2020
Cross Site Scripting in baserCMS
Low
CVE-2020-15154
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting and RCE in baserCMS
Low
CVE-2020-15159
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Edit feed settings and others, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15273
was published
for
baserproject/basercms
(Composer)
Nov 4, 2020
Persistent XSS in customer module in Shopware
Low
GHSA-6gv9-7q4g-pmvm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
Low
CVE-2020-15155
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
XSS vulnerability when listing users on add & modify server pages.
Moderate
GHSA-5822-pw57-vv37
was published
for
pterodactyl/panel
(Composer)
Oct 8, 2020
Persistent XSS in newsletter module in Shopware
Low
GHSA-hrfh-fp4x-crrq
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Cross-site scripting in eZ Platform Kernel
High
GHSA-mrvj-7q4f-5p42
was published
for
ezsystems/ezplatform-kernel
(Composer)
Mar 19, 2021
Non-persistent XSS in the Storefront in Shopware
Low
GHSA-qvhr-55hg-3qwv
was published
for
shopware/core
(Composer)
Sep 23, 2020
Persistent XSS in shopping worlds
Low
GHSA-28fw-88hq-6jmm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Reflected XSS with parameters in PostComment
Moderate
CVE-2020-26225
was published
for
prestashop/productcomments
(Composer)
Nov 16, 2020
Cross-Site Scripting in Grav
Moderate
GHSA-cvmr-6428-87w9
was published
for
getgrav/grav
(Composer)
Dec 10, 2020
XSS vulnerability in company name field in Mautic
Moderate
CVE-2018-11200
was published
for
mautic/core
(Composer)
Jan 19, 2021
Inline attribute values were not processed.
High
CVE-2020-15263
was published
for
orchid/platform
(Composer)
Oct 19, 2020
ProTip!
Advisories are also available from the
GraphQL API