Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Loading
Moodle Arbitrary PHP code execution by site admins via Shibboleth configuration High
CVE-2021-20187 was published for moodle/moodle (Composer) May 24, 2022
Drupal Remote code execution High
CVE-2017-6381 was published for drupal/core (Composer) May 13, 2022
WeasyPrint allows the attachment of arbitrary files and URLs to a PDF High
CVE-2024-28184 was published for weasyprint (pip) Mar 8, 2024
nullie
Apache HDFS Provider error message suggested High
CVE-2023-41267 was published for apache-airflow-providers-apache-hdfs (pip) Sep 14, 2023
oscerd
Magento remote code execution vulnerability High
CVE-2019-8154 was published for magento/community-edition (Composer) May 24, 2022
Composer code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php High
CVE-2024-24821 was published for composer/composer (Composer) Feb 8, 2024
edonsec
PHPMailer untrusted code may be run from an overridden address validator High
CVE-2021-3603 was published for phpmailer/phpmailer (Composer) Jun 22, 2021
0xcrypto
Unintended Require in larvitbase-api High
CVE-2019-5479 was published for larvitbase-api (npm) Sep 11, 2019
Embedded malware in ua-parser-js High
GHSA-pjwm-rvh2-c87w was published for ua-parser-js (npm) Oct 22, 2021
xtqqczze
Eclipse Vorto resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS High
CVE-2019-10248 was published for org.eclipse.vorto:org.eclipse.vorto.core (Maven) May 24, 2022
High severity vulnerability that affects generator-jhipster High
GHSA-mc84-xr9p-938r was published for generator-jhipster (npm) Sep 23, 2019
ProTip! Advisories are also available from the GraphQL API