GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,065
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,427
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
913 advisories
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when...
Moderate | Unreviewed | CVE-2008-7152 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote attackers to...
Moderate | Unreviewed | CVE-2008-6840 was published May 17, 2022
Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
Moderate | Unreviewed | CVE-2022-2014 was published Jun 10, 2022
PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2...
Moderate | Unreviewed | CVE-2008-5947 was published May 17, 2022
PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when...
Moderate | Unreviewed | CVE-2008-6103 was published May 17, 2022
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of...
Moderate | Unreviewed | CVE-2017-6325 was published May 17, 2022
A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when...
Moderate | Unreviewed | CVE-2020-8140 was published May 24, 2022
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm...
Moderate | Unreviewed | CVE-2010-4410 was published May 17, 2022
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to...
Moderate | Unreviewed | CVE-2021-27611 was published May 24, 2022
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and...
Moderate | Unreviewed | CVE-2010-2761 was published May 17, 2022
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740,...
Moderate | Unreviewed | CVE-2020-6296 was published May 24, 2022
The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote...
Moderate | Unreviewed | CVE-2016-1413 was published May 17, 2022
PHP remote file inclusion vulnerability in the fetchView function in the...
Moderate | Unreviewed | CVE-2015-1399 was published May 17, 2022
The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4...
Moderate | Unreviewed | CVE-2015-5970 was published May 17, 2022
OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python...
Moderate | Unreviewed | CVE-2015-5242 was published May 17, 2022
The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which...
Moderate | Unreviewed | CVE-2015-5643 was published May 17, 2022
Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer...
Moderate | Unreviewed | CVE-2015-7729 was published May 17, 2022
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which...
Moderate | Unreviewed | CVE-2015-5644 was published May 17, 2022
Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7...
Moderate | Unreviewed | CVE-2014-3065 was published May 17, 2022
The factory.loadExtensionFactory function in TSUnicodeGraphEditorControl in SolarWinds Server and...
Moderate | Unreviewed | CVE-2015-1501 was published May 17, 2022
The Siemens SPCanywhere application for Android does not use encryption during the loading of...
Moderate | Unreviewed | CVE-2015-1597 was published May 17, 2022
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote...
Moderate | Unreviewed | CVE-2015-4338 was published May 17, 2022
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable,...
Moderate | Unreviewed | CVE-2014-9266 was published May 17, 2022
reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authenticated users to execute...
Moderate | Unreviewed | CVE-2014-9001 was published May 17, 2022
The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the ...
Moderate | Unreviewed | CVE-2012-2301 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.