Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,425
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

913 advisories

Loading
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files... Moderate Unreviewed
CVE-1999-0891 was published Apr 30, 2022
PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows... Moderate Unreviewed
CVE-2004-2740 was published Apr 29, 2022
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers... Moderate Unreviewed
CVE-2004-1419 was published Apr 29, 2022
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with... Moderate Unreviewed
CVE-2004-0637 was published Apr 29, 2022
PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote... Moderate Unreviewed
CVE-2003-1500 was published Apr 29, 2022
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote... Moderate Unreviewed
CVE-2003-1459 was published Apr 29, 2022
PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows... Moderate Unreviewed
CVE-2003-1436 was published Apr 29, 2022
PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric... Moderate Unreviewed
CVE-2003-1411 was published Apr 29, 2022
PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0... Moderate Unreviewed
CVE-2003-1412 was published Apr 29, 2022
PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2... Moderate Unreviewed
CVE-2003-1410 was published Apr 29, 2022
ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code,... Moderate Unreviewed
CVE-2003-1385 was published Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible Moderate Unreviewed
CVE-2022-29815 was published Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible Moderate Unreviewed
CVE-2022-29813 was published Apr 29, 2022
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which... Moderate Unreviewed
CVE-2021-38745 was published Mar 22, 2022
Code injection in npm git Moderate
CVE-2021-23632 was published for git (npm) Mar 18, 2022
Template injection (Improper Neutralization of Special Elements Used in a Template Engine)... Moderate Unreviewed
CVE-2022-23810 was published Feb 25, 2022
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique... Moderate Unreviewed
CVE-2022-21928 was published Jan 12, 2022
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection. Moderate Unreviewed
CVE-2021-45655 was published Dec 27, 2021
vault-cli contains possible RCE when reading user-defined data Moderate
CVE-2021-43837 was published for vault-cli (pip) Dec 16, 2021
ewjoachim
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,... Moderate Unreviewed
CVE-2021-29113 was published Dec 8, 2021
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute... Moderate Unreviewed
CVE-2021-38967 was published Dec 1, 2021
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2021-43221 was published Nov 25, 2021
The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in... Moderate Unreviewed
CVE-2021-33493 was published Nov 23, 2021
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
Code Injection in SLO Generator Moderate
CVE-2021-22557 was published for slo-generator (pip) Oct 5, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database