Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,203 advisories

Loading
There is a logic bypass vulnerability in smartphones. Successful exploitation of this... Critical Unreviewed
CVE-2021-22430 was published Feb 26, 2022
The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the... High Unreviewed
CVE-2022-0661 was published Apr 19, 2022
A vulnerability was reported in Lenovo System Update that could allow a local user with... High Unreviewed
CVE-2022-0354 was published Apr 23, 2022
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete... High Unreviewed
CVE-2017-16544 was published May 13, 2022
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to... High Unreviewed
CVE-2022-3383 was published Nov 29, 2022
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to... High Unreviewed
CVE-2022-3384 was published Nov 29, 2022
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with... Critical Unreviewed
CVE-2021-20623 was published May 24, 2022
The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through... Critical Unreviewed
CVE-2020-10666 was published May 24, 2022
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when... Moderate Unreviewed
CVE-2010-2677 was published May 17, 2022
phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. Critical Unreviewed
CVE-2020-21784 was published May 24, 2022
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request... Critical Unreviewed
CVE-2021-26810 was published May 24, 2022
PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in... High Unreviewed
CVE-2010-2341 was published May 17, 2022
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4... Critical Unreviewed
CVE-2020-25414 was published May 24, 2022
Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution... High Unreviewed
CVE-2020-28695 was published May 24, 2022
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40... Critical Unreviewed
CVE-2021-22519 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code... High Unreviewed
CVE-2020-4520 was published May 24, 2022
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,... Moderate Unreviewed
CVE-2021-29113 was published Dec 8, 2021
PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote... High Unreviewed
CVE-2010-2137 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow... High Unreviewed
CVE-2010-2132 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote... High Unreviewed
CVE-2010-2005 was published May 17, 2022
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when... Moderate Unreviewed
CVE-2010-2618 was published May 17, 2022
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands... High Unreviewed
CVE-2010-2626 was published May 17, 2022
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote... High Unreviewed
CVE-2010-2127 was published May 17, 2022
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2,... Moderate Unreviewed
CVE-2010-2358 was published May 17, 2022
Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka... Moderate Unreviewed
CVE-2010-1546 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API