GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
249,130 advisories
In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible...
Critical, Unreviewed. CVE-2021-36706 was published May 24, 2022

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact...
Critical, Unreviewed. CVE-2020-25928 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by...
Moderate, Unreviewed. CVE-2020-4706 was published May 24, 2022

** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF)...
High, Unreviewed. CVE-2008-6544 was published May 17, 2022

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.
High, Unreviewed. CVE-2022-30586 was published Jun 7, 2022

Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote...
Moderate, Unreviewed. CVE-2008-6500 was published May 17, 2022

Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite...
Moderate, Unreviewed. CVE-2008-6671 was published May 17, 2022

Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to...
Moderate, Unreviewed. CVE-2008-6470 was published May 17, 2022

SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3...
High, Unreviewed. CVE-2008-6462 was published May 17, 2022

SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows...
High, Unreviewed. CVE-2008-6686 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier...
Moderate, Unreviewed. CVE-2008-6687 was published May 17, 2022

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash)...
Moderate, Unreviewed. CVE-2008-6680 was published May 17, 2022

PHP remote file inclusion vulnerability in news/include/createdb.php in Web Server Creator Web...
High, Unreviewed. CVE-2008-6545 was published May 17, 2022

Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application...
Moderate, Unreviewed. CVE-2008-6579 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x...
Moderate, Unreviewed. CVE-2008-6532 was published May 17, 2022

PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers...
High, Unreviewed. CVE-2008-6491 was published May 17, 2022

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted...
High, Unreviewed. CVE-2017-5230 was published May 17, 2022

Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2...
High, Unreviewed. CVE-2017-10677 was published May 17, 2022

The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd...
High, Unreviewed. CVE-2017-9747 was published May 17, 2022

Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service...
Moderate, Unreviewed. CVE-2017-8623 was published May 17, 2022

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue...
High, Unreviewed. CVE-2017-6978 was published May 17, 2022

VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in...
Moderate, Unreviewed. CVE-2017-4916 was published May 17, 2022

An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in...
High, Unreviewed. CVE-2017-11669 was published May 17, 2022

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of...
High, Unreviewed. CVE-2017-8647 was published May 17, 2022

Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x...
High, Unreviewed. CVE-2008-6574 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API