GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,460 advisories
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote...
High | Unreviewed | CVE-2010-2127 was published May 17, 2022

PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2,...
Moderate | Unreviewed | CVE-2010-2358 was published May 17, 2022

PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when...
Moderate | Unreviewed | CVE-2010-2618 was published May 17, 2022

index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands...
High | Unreviewed | CVE-2010-2626 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote...
High | Unreviewed | CVE-2010-2005 was published May 17, 2022

PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote...
High | Unreviewed | CVE-2010-2137 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow...
High | Unreviewed | CVE-2010-2132 was published May 17, 2022

A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,...
Moderate | Unreviewed | CVE-2021-29113 was published Dec 8, 2021

Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40...
Critical | Unreviewed | CVE-2021-22519 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code...
High | Unreviewed | CVE-2020-4520 was published May 24, 2022

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4...
Critical | Unreviewed | CVE-2020-25414 was published May 24, 2022

Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution...
High | Unreviewed | CVE-2020-28695 was published May 24, 2022

PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in...
High | Unreviewed | CVE-2010-2341 was published May 17, 2022

D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request...
Critical | Unreviewed | CVE-2021-26810 was published May 24, 2022

phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php.
Critical | Unreviewed | CVE-2020-21784 was published May 24, 2022

PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when...
Moderate | Unreviewed | CVE-2010-2677 was published May 17, 2022

Improper Control of Generation of Code in HawtJNI
Moderate | CVE-2013-2035 was published for org.fusesource.hawtjni:hawtjni-runtime (Maven) May 17, 2022

The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through...
Critical | Unreviewed | CVE-2020-10666 was published May 24, 2022

PHP Code Injection by malicious block or filename in Smarty
High | CVE-2022-29221 was published for smarty/smarty (Composer) May 25, 2022

@pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution
Critical | CVE-2022-25644 was published for @pendo324/get-process-by-name (npm) Aug 29, 2022

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with...
Critical | Unreviewed | CVE-2021-20623 was published May 24, 2022

Improper Control of Generation of Code in doT
High | CVE-2020-8141 was published for dot (npm) May 24, 2022

Improper Control of Generation of Code in Apache Kafka
Moderate | CVE-2018-1288 was published for org.apache.kafka:kafka (Maven) May 13, 2022

Improper Control of Generation of Code in Spring Security
Moderate | CVE-2011-2732 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API.