GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,633
Erlang: 34
GitHub Actions: 25
Go: 2,239
Maven: 5,000+
npm: 3,900
NuGet: 701
pip: 3,667
Pub: 12
RubyGems: 914
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
880 advisories
Hidden functionality vulnerability in Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and...
Moderate | Unreviewed | CVE-2022-43486 was published Dec 19, 2022
Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up...
Moderate | Unreviewed | CVE-2025-26996 was published Apr 16, 2025
OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python...
Moderate | Unreviewed | CVE-2015-5242 was published May 17, 2022
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to...
Moderate | Unreviewed | CVE-2015-5603 was published May 14, 2022
PHP remote file inclusion vulnerability in the fetchView function in the...
Moderate | Unreviewed | CVE-2015-1399 was published May 17, 2022
The factory.loadExtensionFactory function in TSUnicodeGraphEditorControl in SolarWinds Server and...
Moderate | Unreviewed | CVE-2015-1501 was published May 17, 2022
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable,...
Moderate | Unreviewed | CVE-2014-9266 was published May 17, 2022
Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental...
Moderate | Unreviewed | CVE-2011-2702 was published May 17, 2022
Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary PHP code via...
Moderate | Unreviewed | CVE-2013-5352 was published May 17, 2022
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and...
Moderate | Unreviewed | CVE-2013-4581 was published May 17, 2022
The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which...
Moderate | Unreviewed | CVE-2014-2558 was published May 17, 2022
The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for...
Moderate | Unreviewed | CVE-2025-3422 was published Apr 11, 2025
The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install...
Moderate | Unreviewed | CVE-2014-1670 was published May 14, 2022
The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using...
Moderate | Unreviewed | CVE-2013-7050 was published May 17, 2022
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators...
Moderate | Unreviewed | CVE-2013-6366 was published May 17, 2022
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote...
Moderate | Unreviewed | CVE-2013-6025 was published May 17, 2022
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x...
Moderate | Unreviewed | CVE-2013-1899 was published May 17, 2022
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled,...
Moderate | Unreviewed | CVE-2011-5130 was published May 17, 2022
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X,...
Moderate | Unreviewed | CVE-2012-4143 was published May 17, 2022
Opera before 11.62 allows user-assisted remote attackers to trick users into downloading and...
Moderate | Unreviewed | CVE-2012-1924 was published May 14, 2022
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the...
Moderate | Unreviewed | CVE-2011-4614 was published May 17, 2022
Eval injection vulnerability in config.php in Support Incident Tracker (aka SiT!) 3.65 allows...
Moderate | Unreviewed | CVE-2011-3832 was published May 17, 2022
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery...
Moderate | Unreviewed | CVE-2010-5040 was published May 17, 2022
SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and...
Moderate | Unreviewed | CVE-2011-4646 was published May 17, 2022
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before...
Moderate | Unreviewed | CVE-2011-2381 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.