GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,044 advisories
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X,...
Moderate | Unreviewed | CVE-2012-4143 was published May 17, 2022
Opera before 11.62 allows user-assisted remote attackers to trick users into downloading and...
Moderate | Unreviewed | CVE-2012-1924 was published May 14, 2022
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the...
Moderate | Unreviewed | CVE-2011-4614 was published May 17, 2022
Eval injection vulnerability in config.php in Support Incident Tracker (aka SiT!) 3.65 allows...
Moderate | Unreviewed | CVE-2011-3832 was published May 17, 2022
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery...
Moderate | Unreviewed | CVE-2010-5040 was published May 17, 2022
SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and...
Moderate | Unreviewed | CVE-2011-4646 was published May 17, 2022
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before...
Moderate | Unreviewed | CVE-2011-2381 was published May 17, 2022
libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3...
Moderate | Unreviewed | CVE-2011-2507 was published May 14, 2022
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x...
Moderate | Unreviewed | CVE-2010-4572 was published May 17, 2022
Incomplete blacklist vulnerability in config.template.php in vtiger CRM before 5.2.1 allows...
Moderate | Unreviewed | CVE-2010-3909 was published May 14, 2022
share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code...
Moderate | Unreviewed | CVE-2010-4096 was published May 17, 2022
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and...
Moderate | Unreviewed | CVE-2010-2761 was published May 17, 2022
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products,...
Moderate | Unreviewed | CVE-2010-3429 was published May 14, 2022
Opera before 10.61 does not properly suppress clicks on download dialogs that became visible...
Moderate | Unreviewed | CVE-2010-2576 was published May 14, 2022
PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter...
Moderate | Unreviewed | CVE-2010-2314 was published May 17, 2022
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3,...
Moderate | Unreviewed | CVE-2010-1255 was published May 2, 2022
Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when...
Moderate | Unreviewed | CVE-2010-1299 was published May 2, 2022
Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow (1) remote attackers to...
Moderate | Unreviewed | CVE-2010-0988 was published May 2, 2022
Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to...
Moderate | Unreviewed | CVE-2010-0187 was published May 2, 2022
There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote...
Moderate | Unreviewed | CVE-2024-25706 was published Apr 4, 2024
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side...
Moderate | Unreviewed | CVE-2024-3788 was published May 14, 2024
RaspAP Vulnerable to Code Injection via an Unknown Process in File `includes/provider.php`
Moderate | CVE-2024-2497 was published for billz/raspap-webgui (Composer) Mar 15, 2024
Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions...
Moderate | Unreviewed | CVE-2009-3890 was published May 2, 2022
Argument injection vulnerability in (1) src/content/js/connection/sftp.js and (2) src/content/js...
Moderate | Unreviewed | CVE-2009-3478 was published May 2, 2022
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android...
Moderate | Unreviewed | CVE-2009-2348 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API.