GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,001 advisories
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007,...
Moderate | Unreviewed | CVE-2011-4512 was published May 17, 2022
CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in...
Moderate | Unreviewed | CVE-2011-4237 was published May 17, 2022
PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when...
Moderate | Unreviewed | CVE-2010-2789 was published May 17, 2022
CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows...
Moderate | Unreviewed | CVE-2010-3913 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when...
Moderate | Unreviewed | CVE-2010-1945 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie Openregistrecil 1.02, when...
Moderate | Unreviewed | CVE-2010-1946 was published May 17, 2022
PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when...
Moderate | Unreviewed | CVE-2010-1737 was published May 17, 2022
Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote authenticated users...
Moderate | Unreviewed | CVE-2011-2585 was published May 17, 2022
The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0.2.1 and earlier for Pidgin...
Moderate | Unreviewed | CVE-2010-3088 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when...
Moderate | Unreviewed | CVE-2010-1921 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie openCourrier 2.02 and 2.03 beta,...
Moderate | Unreviewed | CVE-2010-1927 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when...
Moderate | Unreviewed | CVE-2010-1934 was published May 17, 2022
The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length...
Moderate | Unreviewed | CVE-2010-4005 was published May 17, 2022
Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to...
Moderate | Unreviewed | CVE-2019-13714 was published May 24, 2022
An authenticated attacker in SAP E-Commerce (Business-to-Consumer application), versions 7.3, 7...
Moderate | Unreviewed | CVE-2019-0308 was published May 24, 2022
The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an...
Moderate | Unreviewed | CVE-2022-41223 was published Nov 22, 2022
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via...
Moderate | Unreviewed | CVE-2019-14786 was published May 24, 2022
IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control...
Moderate | Unreviewed | CVE-2019-4038 was published May 13, 2022
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to...
Moderate | Unreviewed | CVE-2020-10389 was published May 24, 2022
SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions...
Moderate | Unreviewed | CVE-2020-6230 was published May 24, 2022
The BPM component in Genius Bytes Genius Server (Genius CDDS) 3.2.2 allows remote authenticated...
Moderate | Unreviewed | CVE-2019-16652 was published May 24, 2022
Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create...
Moderate | Unreviewed | CVE-2020-13144 was published May 24, 2022
Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value ...
Moderate | Unreviewed | CVE-2019-20002 was published May 24, 2022
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve...
Moderate | Unreviewed | CVE-2020-13994 was published May 24, 2022
Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by...
Moderate | Unreviewed | CVE-2020-14971 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.