GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
300,996 advisories
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery...
Critical | Unreviewed | CVE-2021-41393 was published May 24, 2022

A remote denial of service (DoS) vulnerability was discovered in Aruba ClearPass Policy Manager...
Moderate | Unreviewed | CVE-2021-29152 was published May 24, 2022

HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously...
High | Unreviewed | CVE-2021-40862 was published May 24, 2022

In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots...
High | Unreviewed | CVE-2021-35197 was published May 24, 2022

Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to...
Moderate | Unreviewed | CVE-2008-7131 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in onlinetools.org EasyImageCatalogue 1.3.1...
Moderate | Unreviewed | CVE-2008-7133 was published May 17, 2022

In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to...
High | Unreviewed | CVE-2021-0594 was published May 24, 2022

A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco...
High | Unreviewed | CVE-2021-1623 was published May 24, 2022

Improper control of program execution vulnerability in RevoWorks Browser 2.1.230 and earlier...
Critical | Unreviewed | CVE-2021-20790 was published May 24, 2022

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept...
Moderate | Unreviewed | CVE-2021-36382 was published May 24, 2022

Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive...
High | Unreviewed | CVE-2021-40875 was published May 24, 2022

An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.
High | Unreviewed | CVE-2021-40104 was published May 24, 2022

Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown...
Moderate | Unreviewed | CVE-2008-6967 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Interchange 5.7 before 5.7.1, 5.6 before 5...
Moderate | Unreviewed | CVE-2008-6945 was published May 17, 2022

Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to...
High | Unreviewed | CVE-2008-6968 was published May 17, 2022

SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL...
High | Unreviewed | CVE-2008-6837 was published May 17, 2022

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x...
Moderate | Unreviewed | CVE-2016-2960 was published May 17, 2022

ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow,...
Critical | Unreviewed | CVE-2016-7134 was published May 17, 2022

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary...
Moderate | Unreviewed | CVE-2016-5253 was published May 17, 2022

HyperStop Web Host Directory 1.2 allows remote attackers to bypass authentication and download a...
Moderate | Unreviewed | CVE-2008-7008 was published May 17, 2022

3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service...
High | Unreviewed | CVE-2008-6895 was published May 17, 2022

Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT...
Moderate | Unreviewed | CVE-2016-5268 was published May 17, 2022

Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary...
High | Unreviewed | CVE-2008-6937 was published May 17, 2022

tnftpd before 20080929 splits large command strings into multiple commands, which allows remote...
Moderate | Unreviewed | CVE-2008-7016 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet FortiManager 5.x before 5.0.12...
Moderate | Unreviewed | CVE-2016-3195 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.