GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,549
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,798
Pub
13
RubyGems
1,038
Rust
1,237
Swift
53
Unreviewed advisories
All unreviewed
5,000+
29,215 advisories
Filter by severity
Drupal Cross-Site Scripting (XSS) affecting CKEditor Third-party library
Moderate
GHSA-qf65-hph9-453r
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Arbitrary PHP code execution
High
GHSA-j66p-fvp2-fxhj
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core uses a vulnerable Third-party library CKEditor
Moderate
GHSA-337w-fxpq-5m34
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-wxfg-253g-m7r4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar
High
GHSA-m9fv-whq2-6wmc
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Access control bypass
Moderate
GHSA-5x28-3f32-x523
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Denial of Service
Moderate
GHSA-w333-5f96-mjrr
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Remote Code Execution
Critical
GHSA-jf8c-36vw-98x4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution
Critical
GHSA-jjx7-8462-w4m4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Malicious file upload with filenames stating with dot
Moderate
GHSA-58xv-7h9r-mx3c
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-x6v2-xmrq-574j
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Content moderation Access bypass
Moderate
GHSA-86xw-vmcx-9mj4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-r67r-42wx-c8r7
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Cross-Site Scripting (XSS) vulnerabilities
Moderate
GHSA-vfgc-c76h-mwh4
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Arbitrary PHP code execution
High
GHSA-gxxj-g9v8-w28p
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-6gf6-24h2-66j4
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core uses a vulnerable Third-party library CKEditor
Moderate
GHSA-v273-j5hq-26xp
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar
High
GHSA-98h9-727m-44qv
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Access bypass
Moderate
GHSA-mh4h-27gq-cxwj
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core unrestricted file upload
Moderate
GHSA-7gwj-7fhm-vw4w
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Denial of Service
Moderate
GHSA-pr99-c33p-fwf6
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution
Critical
GHSA-7v68-3pr5-h3cr
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal core Remote Code Execution
Critical
GHSA-6mgp-v5cm-ghg5
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-gfvf-2f25-f34r
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-7f4f-p7mq-p4fv
was published
for
drupal/core
(Composer)
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API