GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
522 advisories
The ADOdb sqlite3 driver allows SQL injection
Critical
CVE-2025-54119
was published
for
adodb/adodb-php
(Composer)
Aug 4, 2025
RoadRunner is at risk of HTTP Request/Response Smuggling through vulnerable dependency
Critical
CVE-2025-22871
was published
for
spiral/roadrunner
(Composer)
Apr 8, 2025
Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled
Critical
CVE-2024-56145
was published
for
craftcms/cms
(Composer)
Dec 18, 2024
Code Injection in PHPUnit
Critical
CVE-2017-9841
was published
for
phpunit/phpunit
(Composer)
Mar 26, 2022
PrestaShop Checkout allows customer account takeover via email
Critical
CVE-2025-61922
was published
for
prestashop/ps_checkout
(Composer)
Oct 16, 2025
bagisto has CSV Formula Injection in Create New Product
Critical
CVE-2025-62417
was published
for
bagisto/bagisto
(Composer)
Oct 16, 2025
Mautic allows Remote Code Execution and File Deletion in Asset Uploads
Critical
CVE-2024-47051
was published
for
mautic/core
(Composer)
Feb 26, 2025
Melis Platform CMS Unauthenticated File Upload Leading to RCE
Critical
CVE-2025-10353
was published
for
melisplatform/melis-cms-slider
(Composer)
Oct 8, 2025
Melis Platform CMS Unauthenticated Admin Account Creation
Critical
CVE-2025-10352
was published
for
melisplatform/melis-core
(Composer)
Oct 8, 2025
Melis Platform CMS SQL Injection
Critical
CVE-2025-10351
was published
for
melisplatform/melis-cms
(Composer)
Oct 8, 2025
Livewire is vulnerable to remote command execution during component property update hydration
Critical
CVE-2025-54068
was published
for
livewire/livewire
(Composer)
Jul 17, 2025
CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability
Critical
CVE-2025-54418
was published
for
codeigniter4/framework
(Composer)
Jul 28, 2025
ProTip!
Advisories are also available from the
GraphQL API