GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
300,798 advisories
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote...
Moderate | Unreviewed | CVE-2008-6173 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows...
Moderate | Unreviewed | CVE-2008-6130 was published May 17, 2022

SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to...
High | Unreviewed | CVE-2008-6155 was published May 17, 2022

XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers...
High | Unreviewed | CVE-2010-2245 was published May 17, 2022

SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL...
High | Unreviewed | CVE-2008-6376 was published May 17, 2022

Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack...
Moderate | Unreviewed | CVE-2008-6128 was published May 17, 2022

Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a...
Critical | Unreviewed | CVE-2012-2781 was published May 17, 2022

Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
High | Unreviewed | CVE-2017-3110 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows...
Moderate | Unreviewed | CVE-2008-6306 was published May 17, 2022

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain...
High | Unreviewed | CVE-2020-19150 was published May 24, 2022

IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. This may...
Moderate | Unreviewed | CVE-2021-20582 was published May 24, 2022

Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content...
Low | Unreviewed | CVE-2008-6229 was published May 17, 2022

SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled...
Moderate | Unreviewed | CVE-2008-6304 was published May 17, 2022

Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass...
Moderate | Unreviewed | CVE-2008-6298 was published May 17, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate | Unreviewed | CVE-2022-26976 was published Jun 3, 2022

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection...
High | Unreviewed | CVE-2022-30425 was published Jun 3, 2022

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in ...
Critical | Unreviewed | CVE-2022-30478 was published Jun 3, 2022

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to...
Critical | Unreviewed | CVE-2022-29777 was published Jun 3, 2022

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and...
Moderate | Unreviewed | CVE-2022-29733 was published Jun 3, 2022

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious...
High | Unreviewed | CVE-2022-29483 was published Jun 3, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
High | Unreviewed | CVE-2022-26975 was published Jun 3, 2022

Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine...
High | Unreviewed | CVE-2022-29695 was published Jun 3, 2022

SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject...
High | Unreviewed | CVE-2022-30496 was published Jun 3, 2022

Cross site scripting in librenms
Moderate | CVE-2022-29711 was published for librenms/librenms (Composer) Jun 3, 2022

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes...
Moderate | Unreviewed | CVE-2022-29731 was published Jun 3, 2022

ProTip! Advisories are also available from the GraphQL API.