Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Dolibarr vulnerable to privilege escalation Critical
CVE-2022-43138 was published for dolibarr/dolibarr (Composer) Nov 17, 2022
Magento business logic error vulnerability Critical
CVE-2020-9630 was published for magento/community-edition (Composer) May 24, 2022
bbPress unauthenticated privilege-escalation Critical
CVE-2020-13693 was published for bbpress/bbpress (Composer) May 24, 2022
Centreon Privilege Escalation Critical
CVE-2018-21025 was published for centreon/centreon (Composer) May 24, 2022
Drupal Entity access bypass for entities that do not have UUIDs or have protected revisions Critical
CVE-2017-6925 was published for drupal/core (Composer) May 13, 2022
phpMyAdmin Improper Privilege Management Critical
CVE-2017-18264 was published for phpmyadmin/phpmyadmin (Composer) May 13, 2022
Improper Privilege Management in Open Web Analytics Critical
CVE-2022-24637 was published for open-web-analytics/open-web-analytics (Composer) Mar 19, 2022
ProTip! Advisories are also available from the GraphQL API