GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,531 advisories
phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated...
High, Unreviewed. CVE-2015-3638 was published May 17, 2022.

** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary...
High, Unreviewed. CVE-2017-9442 was published May 17, 2022.

Code injection in Elefant CMS
High. CVE-2017-20064 was published for elefant/cms (Composer) Jun 21, 2022.

phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters,...
High, Unreviewed. CVE-2015-3640 was published May 17, 2022.

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This...
High, Unreviewed. CVE-2017-20086 was published Jun 24, 2022.

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails...
High, Unreviewed. CVE-2017-11421 was published May 17, 2022.

Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,...
High, Unreviewed. CVE-2021-44235 was published Dec 15, 2021.

flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user...
High, Unreviewed. CVE-2021-41402 was published Jun 17, 2022.

The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797...
High, Unreviewed. CVE-2008-4810 was published May 17, 2022.

Unspecified vulnerability in PHPCow allows remote attackers to execute arbitrary code via unknown...
High, Unreviewed. CVE-2008-5227 was published May 17, 2022.

PHP remote file inclusion vulnerability in modules/mod_mainmenu.php in MosXML 1 Alpha allows...
High, Unreviewed. CVE-2008-5206 was published May 17, 2022.

Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier,...
High, Unreviewed. CVE-2008-5499 was published May 17, 2022.

The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon...
High, Unreviewed. CVE-2022-0863 was published Jun 14, 2022.

During installation with certain driver software or application packages an arbitrary code...
High, Unreviewed. CVE-2020-28419 was published May 24, 2022.

The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 (stable) allows remote...
High, Unreviewed. CVE-2008-4798 was published May 17, 2022.

PHP remote file inclusion vulnerability in read.php in Chattaitaliano Istant-Replay allows remote...
High, Unreviewed. CVE-2008-4911 was published May 17, 2022.

PHP remote file inclusion vulnerability in include.php in PHPOutsourcing IdeaBox (aka IdeBox) 1.1...
High, Unreviewed. CVE-2008-5199 was published May 17, 2022.

Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute...
High, Unreviewed. CVE-2008-5173 was published May 17, 2022.

Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 allow remote attackers to...
High, Unreviewed. CVE-2008-6206 was published May 17, 2022.

Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote...
High, Unreviewed. CVE-2008-6196 was published May 17, 2022.

Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software...
High, Unreviewed. CVE-2021-38142 was published May 24, 2022.

Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via...
High, Unreviewed. CVE-2008-6543 was published May 17, 2022.

Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to...
High, Unreviewed. CVE-2008-6066 was published May 17, 2022.

Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index...
High, Unreviewed. CVE-2020-20124 was published May 24, 2022.