GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,137 advisories
Mautic Sessions could be hijacked due to tracking contacts by an auto-incremented ID
High
CVE-2018-10189
was published
for
mautic/core
(Composer)
Jan 19, 2021
Sandbox escape through template_object in smarty
High
CVE-2021-26119
was published
for
smarty/smarty
(Composer)
Mar 2, 2021
Unrestricted File Upload in Form Framework
High
CVE-2021-21355
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Broken Access Control in Form Framework
High
CVE-2021-21357
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Improper Access Control in moodle
High
CVE-2020-25698
was published
for
moodle/moodle
(Composer)
Mar 29, 2021
Grav's Twig processing allowing dangerous PHP functions by default
High
CVE-2021-29440
was published
for
getgrav/grav
(Composer)
Apr 16, 2021
Composer's missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial
High
CVE-2021-29472
was published
for
composer/composer
(Composer)
Apr 29, 2021
Cross-site scripting (XSS) from unsanitized uploaded SVG files in Kirby
High
CVE-2021-29460
was published
for
getkirby/cms
(Composer)
Apr 30, 2021
ProTip!
Advisories are also available from the
GraphQL API