GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,467
Erlang: 33
GitHub Actions: 23
Go: 2,172
Maven: 5,000+
npm: 3,832
NuGet: 696
pip: 3,508
Pub: 12
RubyGems: 910
Rust: 907
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
954 advisories
The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0.2.1 and earlier for Pidgin...
Moderate, Unreviewed. CVE-2010-3088 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when...
Moderate, Unreviewed. CVE-2010-1921 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when...
Moderate, Unreviewed. CVE-2010-1934 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in openMairie openCourrier 2.02 and 2.03 beta,...
Moderate, Unreviewed. CVE-2010-1927 was published May 17, 2022

The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length...
Moderate, Unreviewed. CVE-2010-4005 was published May 17, 2022

Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to...
Moderate, Unreviewed. CVE-2019-13714 was published May 24, 2022

PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter...
Moderate, Unreviewed. CVE-2010-2314 was published May 17, 2022

An authenticated attacker in SAP E-Commerce (Business-to-Consumer application), versions 7.3, 7...
Moderate, Unreviewed. CVE-2019-0308 was published May 24, 2022

The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an...
Moderate, Unreviewed. CVE-2022-41223 was published Nov 22, 2022

The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via...
Moderate, Unreviewed. CVE-2019-14786 was published May 24, 2022

IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control...
Moderate, Unreviewed. CVE-2019-4038 was published May 13, 2022

admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to...
Moderate, Unreviewed. CVE-2020-10389 was published May 24, 2022

SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions...
Moderate, Unreviewed. CVE-2020-6230 was published May 24, 2022

The BPM component in Genius Bytes Genius Server (Genius CDDS) 3.2.2 allows remote authenticated...
Moderate, Unreviewed. CVE-2019-16652 was published May 24, 2022

Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create...
Moderate, Unreviewed. CVE-2020-13144 was published May 24, 2022

Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value ...
Moderate, Unreviewed. CVE-2019-20002 was published May 24, 2022

An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve...
Moderate, Unreviewed. CVE-2020-13994 was published May 24, 2022

Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by...
Moderate, Unreviewed. CVE-2020-14971 was published May 24, 2022

Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated...
Moderate, Unreviewed. CVE-2020-24614 was published May 24, 2022

A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a...
Moderate, Unreviewed. CVE-2020-8224 was published May 24, 2022

In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against...
Moderate, Unreviewed. CVE-2020-15817 was published May 24, 2022

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of...
Moderate, Unreviewed. CVE-2020-24354 was published May 24, 2022

A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7...
Moderate, Unreviewed. CVE-2020-6318 was published May 24, 2022

Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code...
Moderate, Unreviewed. CVE-2020-8274 was published May 24, 2022

A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was...
Moderate, Unreviewed. CVE-2021-3411 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API