GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,032 advisories
PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2...
Moderate | Unreviewed | CVE-2003-1410 was published Apr 29, 2022

PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0...
Moderate | Unreviewed | CVE-2003-1412 was published Apr 29, 2022

PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to...
High | Unreviewed | CVE-2003-1406 was published Apr 29, 2022

ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code,...
Moderate | Unreviewed | CVE-2003-1385 was published Apr 29, 2022

PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute...
High | Unreviewed | CVE-2003-1253 was published Apr 29, 2022

PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute...
High | Unreviewed | CVE-2003-1240 was published Apr 29, 2022

PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on...
High | Unreviewed | CVE-2003-1227 was published Apr 29, 2022

Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows...
High | Unreviewed | CVE-2003-0498 was published Apr 29, 2022

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB...
High | Unreviewed | CVE-2003-0395 was published Apr 29, 2022

In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom...
High | Unreviewed | CVE-2022-29814 was published Apr 29, 2022

In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
Moderate | Unreviewed | CVE-2022-29813 was published Apr 29, 2022

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible
Moderate | Unreviewed | CVE-2022-29815 was published Apr 29, 2022

In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation...
High | Unreviewed | CVE-2022-29821 was published Apr 29, 2022

In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation...
High | Unreviewed | CVE-2022-29819 was published Apr 29, 2022

A vulnerability was reported in Lenovo System Update that could allow a local user with...
High | Unreviewed | CVE-2022-0354 was published Apr 23, 2022

Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
High | Unreviewed | CVE-2011-1830 was published Apr 22, 2022

The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the...
High | Unreviewed | CVE-2022-0661 was published Apr 19, 2022

A zero-code remote code injection vulnerability via configuration.php in Chamilo LMS v1.11.13...
High | Unreviewed | CVE-2022-27427 was published Apr 16, 2022

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability...
Critical | Unreviewed | CVE-2022-22954 was published Apr 12, 2022

Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account...
High | Unreviewed | CVE-2021-39114 was published Apr 6, 2022

SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute...
High | Unreviewed | CVE-2022-26982 was published Apr 6, 2022

In all versions of GitLab CE/EE, certain Unicode characters can be abused to commit malicious...
High | Unreviewed | CVE-2021-39908 was published Apr 3, 2022

Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who...
High | Unreviewed | CVE-2022-1159 was published Apr 3, 2022

Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload...
Critical | Unreviewed | CVE-2022-26255 was published Mar 29, 2022

Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE)...
Critical | Unreviewed | CVE-2022-26205 was published Mar 28, 2022

ProTip! Advisories are also available from the GraphQL API.