GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
301,419 advisories
Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote...
Moderate
Unreviewed
CVE-2008-6476 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and...
Moderate
Unreviewed
CVE-2008-6450 was published May 17, 2022
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for...
High
Unreviewed
CVE-2010-1874 was published May 17, 2022
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr)...
High
Unreviewed
CVE-2010-1980 was published May 17, 2022
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related...
High
Unreviewed
CVE-2008-6598 was published May 17, 2022
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880...
Moderate
Unreviewed
CVE-2010-1979 was published May 17, 2022
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite ...
High
Unreviewed
CVE-2010-1952 was published May 17, 2022
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2...
High
Unreviewed
CVE-2010-1955 was published May 17, 2022
The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent...
Moderate
Unreviewed
CVE-2010-1914 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie openCimetiere 2.01, when...
Moderate
Unreviewed
CVE-2010-1944 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor...
Moderate
Unreviewed
CVE-2008-6448 was published May 17, 2022
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin...
Critical
Unreviewed
CVE-2022-31953 was published Jun 3, 2022
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin...
Critical
Unreviewed
CVE-2022-31964 was published Jun 3, 2022
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams...
Critical
Unreviewed
CVE-2022-31959 was published Jun 3, 2022
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
High
Unreviewed
CVE-2022-32200 was published Jun 3, 2022
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in...
Moderate
Unreviewed
CVE-2022-31796 was published Jun 3, 2022
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program...
Moderate
Unreviewed
CVE-2022-29767 was published Jun 4, 2022
Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote...
Moderate
Unreviewed
CVE-2008-6610 was published May 17, 2022
The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent...
Moderate
Unreviewed
CVE-2010-1915 was published May 17, 2022
Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context...
Moderate
Unreviewed
CVE-2010-1917 was published May 17, 2022
x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to...
High
Unreviewed
CVE-2022-26364 was published Jun 10, 2022
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to...
Moderate
Unreviewed
CVE-2022-28330 was published Jun 10, 2022
A reflected cross-site scripting (XSS) vulnerability exists in the playerConfUrl parameter in the...
Moderate
Unreviewed
CVE-2022-2035 was published Jun 10, 2022
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where...
High
Unreviewed
CVE-2022-30522 was published Jun 10, 2022
In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp.
Moderate
Unreviewed
CVE-2022-32202 was published Jun 3, 2022
ProTip! Advisories are also available from the GraphQL API.