GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,076
Erlang: 29
GitHub Actions: 19
Go: 1,895
Maven: 5,000+
npm: 3,630
NuGet: 638
pip: 3,244
Pub: 10
RubyGems: 862
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
3,203 advisories
There is a logic bypass vulnerability in smartphones. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22430 was published Feb 26, 2022
The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the...
High | Unreviewed | CVE-2022-0661 was published Apr 19, 2022
A vulnerability was reported in Lenovo System Update that could allow a local user with...
High | Unreviewed | CVE-2022-0354 was published Apr 23, 2022
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete...
High | Unreviewed | CVE-2017-16544 was published May 13, 2022
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to...
High | Unreviewed | CVE-2022-3383 was published Nov 29, 2022
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to...
High | Unreviewed | CVE-2022-3384 was published Nov 29, 2022
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with...
Critical | Unreviewed | CVE-2021-20623 was published May 24, 2022
The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through...
Critical | Unreviewed | CVE-2020-10666 was published May 24, 2022
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when...
Moderate | Unreviewed | CVE-2010-2677 was published May 17, 2022
phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php.
Critical | Unreviewed | CVE-2020-21784 was published May 24, 2022
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request...
Critical | Unreviewed | CVE-2021-26810 was published May 24, 2022
PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in...
High | Unreviewed | CVE-2010-2341 was published May 17, 2022
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4...
Critical | Unreviewed | CVE-2020-25414 was published May 24, 2022
Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution...
High | Unreviewed | CVE-2020-28695 was published May 24, 2022
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40...
Critical | Unreviewed | CVE-2021-22519 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code...
High | Unreviewed | CVE-2020-4520 was published May 24, 2022
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,...
Moderate | Unreviewed | CVE-2021-29113 was published Dec 8, 2021
PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote...
High | Unreviewed | CVE-2010-2137 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow...
High | Unreviewed | CVE-2010-2132 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote...
High | Unreviewed | CVE-2010-2005 was published May 17, 2022
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when...
Moderate | Unreviewed | CVE-2010-2618 was published May 17, 2022
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands...
High | Unreviewed | CVE-2010-2626 was published May 17, 2022
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote...
High | Unreviewed | CVE-2010-2127 was published May 17, 2022
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2,...
Moderate | Unreviewed | CVE-2010-2358 was published May 17, 2022
Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka...
Moderate | Unreviewed | CVE-2010-1546 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.