GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,016 advisories
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a...
Moderate | Unreviewed | CVE-2021-26347 was published May 12, 2022

The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers...
Moderate | Unreviewed | CVE-2008-6531 was published May 17, 2022

This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Low | Unreviewed | CVE-2020-10930 was published May 24, 2022

The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the...
Moderate | Unreviewed | CVE-2021-24238 was published May 24, 2022

Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote...
High | Unreviewed | CVE-2010-1605 was published May 17, 2022

IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a...
High | Unreviewed | CVE-2010-1574 was published May 17, 2022

Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery...
High | Unreviewed | CVE-2010-1577 was published May 17, 2022

SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to...
High | Unreviewed | CVE-2010-1499 was published May 17, 2022

SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt...
High | Unreviewed | CVE-2010-1588 was published May 17, 2022

Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows...
Moderate | Unreviewed | CVE-2010-1494 was published May 17, 2022

Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in...
High | Unreviewed | CVE-2017-8518 was published May 17, 2022

Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers...
High | Unreviewed | CVE-2008-6136 was published May 17, 2022

Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote...
High | Unreviewed | CVE-2008-6207 was published May 17, 2022

Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows...
High | Unreviewed | CVE-2010-1531 was published May 17, 2022

Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3...
High | Unreviewed | CVE-2008-6158 was published May 17, 2022

EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions...
High | Unreviewed | CVE-2008-6137 was published May 17, 2022

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X...
Moderate | Unreviewed | CVE-2008-6140 was published May 17, 2022

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
High | Unreviewed | CVE-2017-3107 was published May 17, 2022

In all Qualcomm products with Android release from CAF using the Linux kernel, while processing...
High | Unreviewed | CVE-2017-8273 was published May 17, 2022

Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack...
Moderate | Unreviewed | CVE-2008-6131 was published May 17, 2022

Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a...
Critical | Unreviewed | CVE-2012-2773 was published May 17, 2022

Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
Critical | Unreviewed | CVE-2017-3108 was published May 17, 2022

Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability....
High | Unreviewed | CVE-2017-11278 was published May 17, 2022

The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4...
Low | Unreviewed | CVE-2010-1548 was published May 17, 2022

SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers...
High | Unreviewed | CVE-2010-1599 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API