Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,531 advisories

Loading
PHP Code Injection by malicious block or filename in Smarty High
CVE-2022-29221 was published for smarty/smarty (Composer) May 25, 2022
altm4n
PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in... High Unreviewed
CVE-2010-2341 was published May 17, 2022
Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution... High Unreviewed
CVE-2020-28695 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code... High Unreviewed
CVE-2020-4520 was published May 24, 2022
PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote... High Unreviewed
CVE-2010-2137 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow... High Unreviewed
CVE-2010-2132 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote... High Unreviewed
CVE-2010-2005 was published May 17, 2022
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands... High Unreviewed
CVE-2010-2626 was published May 17, 2022
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote... High Unreviewed
CVE-2010-2127 was published May 17, 2022
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x... High Unreviewed
CVE-2021-23013 was published May 24, 2022
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to... High Unreviewed
CVE-2008-7000 was published May 17, 2022
A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat... High Unreviewed
CVE-2020-22120 was published May 24, 2022
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute... High Unreviewed
CVE-2021-25264 was published May 24, 2022
PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0a4.1 allows remote... High Unreviewed
CVE-2008-6807 was published May 17, 2022
phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize... High Unreviewed
CVE-2020-22201 was published May 24, 2022
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files,... High Unreviewed
CVE-2021-24347 was published May 24, 2022
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller... High Unreviewed
CVE-2020-21650 was published May 24, 2022
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3... High Unreviewed
CVE-2008-7034 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers... High Unreviewed
CVE-2010-2126 was published May 17, 2022
The software contains a hard-coded password it uses for its own inbound authentication or for... High Unreviewed
CVE-2021-27438 was published May 24, 2022
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and... High Unreviewed
CVE-2021-3115 was published May 24, 2022
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary... High Unreviewed
CVE-2008-6937 was published May 17, 2022
PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers... High Unreviewed
CVE-2008-6491 was published May 17, 2022
PHP remote file inclusion vulnerability in news/include/createdb.php in Web Server Creator Web... High Unreviewed
CVE-2008-6545 was published May 17, 2022
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF)... High Unreviewed
CVE-2008-6544 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database