GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed 5,000+
Composer 5,000+
Erlang 39
GitHub Actions 38
Go 2,636
Maven 5,000+
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45
Unreviewed advisories
All unreviewed 5,000+
301,090 advisories
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an...
Moderate
Unreviewed
CVE-2022-41258 was published Nov 9, 2022
The file upload function of Agentflow BPM has insufficient filtering for special characters in...
Critical
Unreviewed
CVE-2022-39036 was published Nov 10, 2022
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all...
Moderate
Unreviewed
CVE-2022-1940 was published Jun 7, 2022
Failed payment recorded has completed in Silverstripe Omnipay
Low
CVE-2022-29254 was published for silverstripe/silverstripe-omnipay (Composer) Jun 6, 2022
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for...
High
Unreviewed
CVE-2021-1251 was published May 24, 2022
The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6...
Moderate
Unreviewed
CVE-2021-26072 was published May 24, 2022
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22...
High
Unreviewed
CVE-2010-1875 was published May 17, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function...
Critical
Unreviewed
CVE-2021-42884 was published Jun 4, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey,...
High
Unreviewed
CVE-2021-42889 was published Jun 4, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical
Unreviewed
CVE-2018-25012 was published May 24, 2022
Directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla!...
Moderate
Unreviewed
CVE-2010-1657 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in base/Comments.php in Webmobo WB News 2.3.3...
Moderate
Unreviewed
CVE-2010-1712 was published May 17, 2022
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user...
Moderate
Unreviewed
CVE-2010-1679 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats 0.1.9.1 allows remote...
Moderate
Unreviewed
CVE-2008-6212 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote...
Moderate
Unreviewed
CVE-2008-6211 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in...
Moderate
Unreviewed
CVE-2008-6360 was published May 17, 2022
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows...
High
Unreviewed
CVE-2008-6326 was published May 17, 2022
SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to...
High
Unreviewed
CVE-2008-6262 was published May 17, 2022
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1...
High
Unreviewed
CVE-2008-6236 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote...
Moderate
Unreviewed
CVE-2008-6208 was published May 17, 2022
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative...
High
Unreviewed
CVE-2008-6300 was published May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in Streber before 0.08093 allow remote...
Moderate
Unreviewed
CVE-2008-6331 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote...
Low
Unreviewed
CVE-2008-6299 was published May 17, 2022
SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote...
High
Unreviewed
CVE-2010-1702 was published May 17, 2022
SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote...
High
Unreviewed
CVE-2010-1660 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.