GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
852 advisories
Filter by severity
PHP remote file inclusion vulnerability in resources/includes/popp.config.loader.inc.php in...
Moderate
Unreviewed
CVE-2006-2395
was published
May 1, 2022
Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3...
Moderate
Unreviewed
CVE-2006-2286
was published
May 1, 2022
PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for...
Moderate
Unreviewed
CVE-2006-2245
was published
May 1, 2022
PHP remote file inclusion vulnerability in index.php in CoolMenus allows remote attackers to...
Moderate
Unreviewed
CVE-2006-2122
was published
May 1, 2022
Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel...
Moderate
Unreviewed
CVE-2006-1896
was published
May 1, 2022
PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in...
Moderate
Unreviewed
CVE-2006-1610
was published
May 1, 2022
PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1...
Moderate
Unreviewed
CVE-2006-1503
was published
May 1, 2022
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to...
Moderate
Unreviewed
CVE-2006-1251
was published
May 1, 2022
SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary...
Moderate
Unreviewed
CVE-2006-1039
was published
May 1, 2022
PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows...
Moderate
Unreviewed
CVE-2006-0945
was published
May 1, 2022
PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals...
Moderate
Unreviewed
CVE-2006-0725
was published
May 1, 2022
Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals...
Moderate
Unreviewed
CVE-2006-0659
was published
May 1, 2022
Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible...
Moderate
Unreviewed
CVE-2006-0332
was published
May 1, 2022
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user...
Moderate
Unreviewed
CVE-2006-0236
was published
May 1, 2022
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject...
Moderate
Unreviewed
CVE-2006-0207
was published
May 1, 2022
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote...
Moderate
Unreviewed
CVE-2005-4874
was published
May 1, 2022
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users...
Moderate
Unreviewed
CVE-2005-4209
was published
May 1, 2022
PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique...
Moderate
Unreviewed
CVE-2005-3571
was published
May 1, 2022
Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when...
Moderate
Unreviewed
CVE-2005-3554
was published
May 1, 2022
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in...
Moderate
Unreviewed
CVE-2005-2498
was published
May 1, 2022
PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote...
Moderate
Unreviewed
CVE-2005-1996
was published
May 1, 2022
Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with...
Moderate
Unreviewed
CVE-2005-1876
was published
May 1, 2022
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is...
Moderate
Unreviewed
CVE-2005-1527
was published
May 1, 2022
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT...
Moderate
Unreviewed
CVE-2005-0709
was published
May 1, 2022
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared...
Moderate
Unreviewed
CVE-2005-0227
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API