Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

240,683 advisories

Loading
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows... High Unreviewed
CVE-2008-6326 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in data/views/index.html in OpenEdit Digital Asset... Moderate Unreviewed
CVE-2008-6240 was published May 17, 2022
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative... High Unreviewed
CVE-2008-6300 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote... Moderate Unreviewed
CVE-2008-6211 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote... Moderate Unreviewed
CVE-2008-6208 was published May 17, 2022
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious... Critical Unreviewed
CVE-2021-20236 was published May 24, 2022
Agentflow BPM enterprise management system has improper authentication. A remote attacker with... High Unreviewed
CVE-2022-39038 was published Nov 10, 2022
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote... High Unreviewed
CVE-2022-42786 was published Nov 10, 2022
mm-wiki is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2021-40289 was published for github.com/phachon/mm-wiki (Go) Nov 10, 2022
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config... High Unreviewed
CVE-2022-3461 was published Nov 15, 2022
Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote... High Unreviewed
CVE-2010-1605 was published May 17, 2022
Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery... High Unreviewed
CVE-2010-1577 was published May 17, 2022
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a... High Unreviewed
CVE-2010-1574 was published May 17, 2022
SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers... High Unreviewed
CVE-2010-1599 was published May 17, 2022
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt... High Unreviewed
CVE-2010-1588 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Context module before 6.x-2.0-rc4 for Drupal... Low Unreviewed
CVE-2010-1584 was published May 17, 2022
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and... High Unreviewed
CVE-2021-3115 was published May 24, 2022
Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will... High Unreviewed
CVE-2018-7580 was published May 24, 2022
An out-of-bounds write vulnerability exists in the PSD Header processing functionality of... High Unreviewed
CVE-2020-13585 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the... High Unreviewed
CVE-2020-13987 was published May 24, 2022
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an... High Unreviewed
CVE-2020-0404 was published May 24, 2022
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed
CVE-2021-21013 was published May 24, 2022
Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi... Moderate Unreviewed
CVE-2020-12262 was published May 24, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating... Critical Unreviewed
CVE-2020-26201 was published May 24, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API