GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
301,629 advisories
An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows...
High | Unreviewed | CVE-2021-33254 was published Jun 3, 2022

In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This...
Moderate | Unreviewed | CVE-2022-21756 was published Jun 7, 2022

In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2022-21752 was published Jun 7, 2022

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
High | Unreviewed | CVE-2022-20806 was published May 28, 2022

LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match_dialog.php key XSS.
Moderate | Unreviewed | CVE-2022-31498 was published Jun 7, 2022

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site...
Moderate | Unreviewed | CVE-2022-34218 was published Sep 17, 2022

An issue was discovered in swftools through 20201222 through a memory leak in the swftools when...
High | Unreviewed | CVE-2021-42197 was published Jun 3, 2022

In telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2022-21748 was published Jun 7, 2022

Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows...
Moderate | Unreviewed | CVE-2010-1596 was published May 17, 2022

The installation of Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2, when both anti...
Moderate | Unreviewed | CVE-2008-7106 was published May 17, 2022

Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 have unknown...
High | Unreviewed | CVE-2008-6973 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows...
Moderate | Unreviewed | CVE-2010-2356 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote...
Moderate | Unreviewed | CVE-2010-2355 was published May 17, 2022

Apple Safari does not properly manage the address bar between the request to open a URL and the...
Moderate | Unreviewed | CVE-2010-2454 was published May 17, 2022

SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1...
High | Unreviewed | CVE-2010-2460 was published May 17, 2022

Winny 2.0b7.1 and earlier does not properly process BBS information, which has unspecified impact...
High | Unreviewed | CVE-2010-2361 was published May 17, 2022

Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application...
Moderate | Unreviewed | CVE-2008-7195 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in the default URI in Chris LaPointe...
Moderate | Unreviewed | CVE-2008-7134 was published May 17, 2022

Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors,...
High | Unreviewed | CVE-2008-7004 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Refine by Taxonomy 5.x before 5.x-0.1, a module for...
Moderate | Unreviewed | CVE-2008-7150 was published May 17, 2022

Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2008-7105 was published May 17, 2022

Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier...
High | Unreviewed | CVE-2008-7126 was published May 17, 2022

Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to...
Moderate | Unreviewed | CVE-2008-7100 was published May 17, 2022

XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X...
Moderate | Unreviewed | CVE-2008-7129 was published May 17, 2022

PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3...
High | Unreviewed | CVE-2008-7034 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.