GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,629 advisories
** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH...
Moderate | Unreviewed | CVE-2022-29620 was published Jun 8, 2022

Emlog Pro 1.6.0 plugins upload suffers from a remote code execution (RCE) vulnerability.
High | Unreviewed | CVE-2022-42189 was published Oct 21, 2022

Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0...
Moderate | Unreviewed | CVE-2010-1475 was published May 17, 2022

Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code...
High | Unreviewed | CVE-2010-2329 was published May 17, 2022

vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug...
Low | Unreviewed | CVE-2010-2387 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x...
Low | Unreviewed | CVE-2008-6972 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in function.php in Zenphoto 1.1.7 allows remote...
Moderate | Unreviewed | CVE-2008-6925 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion 6.01.17 and 7.00.3 allows...
Moderate | Unreviewed | CVE-2008-6850 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows...
Moderate | Unreviewed | CVE-2008-6832 was published May 17, 2022

SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute...
High | Unreviewed | CVE-2010-2142 was published May 17, 2022

Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow...
High | Unreviewed | CVE-2010-2135 was published May 17, 2022

Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not sign all...
Moderate | Unreviewed | CVE-2008-6909 was published May 17, 2022

Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, uses an insecure hash...
High | Unreviewed | CVE-2008-6908 was published May 17, 2022

SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to...
High | Unreviewed | CVE-2008-6890 was published May 17, 2022

The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal...
Moderate | Unreviewed | CVE-2010-2353 was published May 17, 2022

ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2010-2156 was published May 17, 2022

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through...
High | Unreviewed | CVE-2010-2225 was published May 17, 2022

bozotic HTTP server (aka bozohttpd) 20090522 through 20100512 allows attackers to cause a denial...
Moderate | Unreviewed | CVE-2010-2195 was published May 17, 2022

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute...
High | Unreviewed | CVE-2022-29735 was published Jun 3, 2022

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function...
Moderate | Unreviewed | CVE-2022-29780 was published Jun 3, 2022

elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=.
Moderate | Unreviewed | CVE-2022-30804 was published Jun 3, 2022

resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote...
Moderate | Unreviewed | CVE-2022-29540 was published Jun 3, 2022

An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to...
High | Unreviewed | CVE-2022-29725 was published Jun 3, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical | Unreviewed | CVE-2022-30916 was published Jun 9, 2022

The FiboSearch WordPress plugin before 1.17.0 does not sanitise and escape some of its settings,...
Moderate | Unreviewed | CVE-2022-1469 was published Jun 9, 2022

Advisories are also available from the GraphQL API.