Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,395 advisories

Loading
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14041 was published for bootstrap (RubyGems) Sep 13, 2018
jenhae
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14042 was published for bootstrap (RubyGems) Sep 13, 2018
tdunlap607 1Jesper1
Ckeditor XSS Vulnerability Moderate
CVE-2018-17960 was published for ckeditor (Composer) Nov 21, 2018
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2016-10735 was published for bootstrap (RubyGems) Jan 17, 2019
roka-actico
XSS vulnerability that affects bootstrap Moderate
CVE-2018-20676 was published for bootstrap (RubyGems) Jan 17, 2019
tdunlap607
bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-20677 was published for bootstrap (RubyGems) Jan 17, 2019
tdunlap607
Bootstrap Vulnerable to Cross-Site Scripting Moderate
CVE-2019-8331 was published for Bootstrap.Less (RubyGems) Feb 22, 2019
Moderate severity vulnerability that affects league/commonmark Moderate
CVE-2019-10010 was published for league/commonmark (Composer) Sep 17, 2019
Missing Authorization in Drupal Moderate
CVE-2017-6923 was published for drupal/core (Composer) Oct 10, 2019
Missing Authentication for Critical Function in LibreNMS Moderate
CVE-2019-10668 was published for librenms/librenms (Composer) Oct 11, 2019
Exposure of Sensitive Information to an Unauthorized Actor in LibreNMS Moderate
CVE-2019-10667 was published for librenms/librenms (Composer) Oct 11, 2019
Cross-site Scripting in YII2-CMS Moderate
CVE-2019-16130 was published for yii2mod/yii2-cms (Composer) Oct 14, 2019
Incorrect Access Control vulnerability in api-platform/core Moderate
CVE-2019-1000011 was published for api-platform/core (Composer) Oct 14, 2019
Cross-site Scripting in Bolt Moderate
CVE-2019-15485 was published for bolt/bolt (Composer) Nov 8, 2019
Cross-site scripting in Dolibarr Moderate
CVE-2019-16197 was published for dolibarr/dolibarr (Composer) Nov 8, 2019
Cross-site Scripting in Grav Moderate
CVE-2019-16126 was published for getgrav/grav (Composer) Nov 8, 2019
Authorization Bypass Through User-Controlled Key in Bagisto Moderate
CVE-2019-16403 was published for bagisto/bagisto (Composer) Nov 8, 2019
Information disclosure through processing of external XML entities Moderate
CVE-2019-8126 was published for magento/community-edition (Composer) Nov 12, 2019
Bypass of sitemp access restrictions Moderate
CVE-2019-8133 was published for magento/community-edition (Composer) Nov 12, 2019
Magento Cross-Site Scripting via Attribute Set Name Moderate
CVE-2019-8145 was published for magento/community-edition (Composer) Nov 12, 2019
Composer JavaScript injection possible via html comments Moderate
CVE-2019-8233 was published for magento/community-edition (Composer) Nov 12, 2019
Symfony Cross-site Scripting (XSS) vulnerability Moderate
CVE-2019-10909 was published for drupal/core (Composer) Nov 12, 2019
SilverStripe Versioned Files module Unpublished files are exposed publicly Moderate
CVE-2019-16409 was published for silverstripe/framework (Composer) Nov 12, 2019
Session fixation in change password form Moderate
CVE-2019-12203 was published for silverstripe/framework (Composer) Nov 12, 2019
Lack of access control on upoaded files Moderate
CVE-2019-12245 was published for silverstripe/assets (Composer) Nov 12, 2019
ProTip! Advisories are also available from the GraphQL API