GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
819 advisories
Filter by severity
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x...
Moderate
Unreviewed
CVE-2010-4572
was published
May 17, 2022
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which...
Moderate
Unreviewed
CVE-2021-38745
was published
Mar 22, 2022
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly...
Moderate
Unreviewed
CVE-2010-2809
was published
May 17, 2022
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection.
Moderate
Unreviewed
CVE-2021-45655
was published
Dec 27, 2021
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when...
Moderate
Unreviewed
CVE-2010-2677
was published
May 17, 2022
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,...
Moderate
Unreviewed
CVE-2021-29113
was published
Dec 8, 2021
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when...
Moderate
Unreviewed
CVE-2010-2618
was published
May 17, 2022
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2,...
Moderate
Unreviewed
CVE-2010-2358
was published
May 17, 2022
PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when...
Moderate
Unreviewed
CVE-2010-1978
was published
May 17, 2022
Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka...
Moderate
Unreviewed
CVE-2010-1546
was published
May 17, 2022
MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel....
Moderate
Unreviewed
CVE-2021-39402
was published
May 24, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie openCimetiere 2.01, when...
Moderate
Unreviewed
CVE-2010-1944
was published
May 17, 2022
The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers...
Moderate
Unreviewed
CVE-2008-6531
was published
May 17, 2022
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors...
Moderate
Unreviewed
CVE-2008-6373
was published
May 17, 2022
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals...
Moderate
Unreviewed
CVE-2008-7183
was published
May 17, 2022
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when...
Moderate
Unreviewed
CVE-2010-1528
was published
May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when...
Moderate
Unreviewed
CVE-2008-7152
was published
May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote attackers to...
Moderate
Unreviewed
CVE-2008-6840
was published
May 17, 2022
Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
Moderate
Unreviewed
CVE-2022-2014
was published
Jun 10, 2022
PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2...
Moderate
Unreviewed
CVE-2008-5947
was published
May 17, 2022
PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when...
Moderate
Unreviewed
CVE-2008-6103
was published
May 17, 2022
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of...
Moderate
Unreviewed
CVE-2017-6325
was published
May 17, 2022
A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when...
Moderate
Unreviewed
CVE-2020-8140
was published
May 24, 2022
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm...
Moderate
Unreviewed
CVE-2010-4410
was published
May 17, 2022
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to...
Moderate
Unreviewed
CVE-2021-27611
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API