Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,245
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

791 advisories

Loading
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x... Moderate Unreviewed
CVE-2010-4572 was published May 17, 2022
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which... Moderate Unreviewed
CVE-2021-38745 was published Mar 22, 2022
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly... Moderate Unreviewed
CVE-2010-2809 was published May 17, 2022
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection. Moderate Unreviewed
CVE-2021-45655 was published Dec 27, 2021
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when... Moderate Unreviewed
CVE-2010-2677 was published May 17, 2022
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,... Moderate Unreviewed
CVE-2021-29113 was published Dec 8, 2021
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when... Moderate Unreviewed
CVE-2010-2618 was published May 17, 2022
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2,... Moderate Unreviewed
CVE-2010-2358 was published May 17, 2022
PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when... Moderate Unreviewed
CVE-2010-1978 was published May 17, 2022
Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka... Moderate Unreviewed
CVE-2010-1546 was published May 17, 2022
MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel.... Moderate Unreviewed
CVE-2021-39402 was published May 24, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie openCimetiere 2.01, when... Moderate Unreviewed
CVE-2010-1944 was published May 17, 2022
The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers... Moderate Unreviewed
CVE-2008-6531 was published May 17, 2022
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors... Moderate Unreviewed
CVE-2008-6373 was published May 17, 2022
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals... Moderate Unreviewed
CVE-2008-7183 was published May 17, 2022
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when... Moderate Unreviewed
CVE-2010-1528 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when... Moderate Unreviewed
CVE-2008-7152 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote attackers to... Moderate Unreviewed
CVE-2008-6840 was published May 17, 2022
Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. Moderate Unreviewed
CVE-2022-2014 was published Jun 10, 2022
PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2... Moderate Unreviewed
CVE-2008-5947 was published May 17, 2022
PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when... Moderate Unreviewed
CVE-2008-6103 was published May 17, 2022
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of... Moderate Unreviewed
CVE-2017-6325 was published May 17, 2022
A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when... Moderate Unreviewed
CVE-2020-8140 was published May 24, 2022
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm... Moderate Unreviewed
CVE-2010-4410 was published May 17, 2022
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to... Moderate Unreviewed
CVE-2021-27611 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API