GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,531 advisories
PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote...
High | Unreviewed | CVE-2010-2137 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow...
High | Unreviewed | CVE-2010-2132 was published May 17, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code...
High | Unreviewed | CVE-2020-4520 was published May 24, 2022

Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution...
High | Unreviewed | CVE-2020-28695 was published May 24, 2022

PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in...
High | Unreviewed | CVE-2010-2341 was published May 17, 2022

PHP Code Injection by malicious block or filename in Smarty
High | CVE-2022-29221 was published for smarty/smarty (Composer) May 25, 2022

Improper Control of Generation of Code in doT
High | CVE-2020-8141 was published for dot (npm) May 24, 2022

The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to...
High | Unreviewed | CVE-2022-3383 was published Nov 29, 2022

The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to...
High | Unreviewed | CVE-2022-3384 was published Nov 29, 2022

PHPMailer susceptible to arbitrary code execution
High | CVE-2008-5619 was published for phpmailer/phpmailer (Composer) May 14, 2022

A vulnerability was reported in Lenovo System Update that could allow a local user with...
High | Unreviewed | CVE-2022-0354 was published Apr 23, 2022

The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the...
High | Unreviewed | CVE-2022-0661 was published Apr 19, 2022

PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote...
High | Unreviewed | CVE-2010-3205 was published May 17, 2022

PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites ...
High | Unreviewed | CVE-2010-2918 was published May 17, 2022

Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16...
High | Unreviewed | CVE-2021-45661 was published Dec 27, 2021

A zero-code remote code injection vulnerability via configuration.php in Chamilo LMS v1.11.13...
High | Unreviewed | CVE-2022-27427 was published Apr 16, 2022

Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00...
High | Unreviewed | CVE-2021-45656 was published Dec 27, 2021

Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00...
High | Unreviewed | CVE-2021-45657 was published Dec 27, 2021

Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16...
High | Unreviewed | CVE-2021-45660 was published Dec 27, 2021

Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16...
High | Unreviewed | CVE-2021-45659 was published Dec 27, 2021

Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to...
High | Unreviewed | CVE-2010-3204 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 allow remote attackers to...
High | Unreviewed | CVE-2010-3206 was published May 17, 2022

Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who...
High | Unreviewed | CVE-2022-1159 was published Apr 3, 2022

ProTip! Advisories are also available from the GraphQL API.