GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
348,368 advisories
Filter by severity
Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3...
Moderate
Unreviewed
CVE-2008-5734
was published
May 17, 2022
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1...
High
Unreviewed
CVE-2008-5791
was published
May 17, 2022
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download...
Moderate
Unreviewed
CVE-2008-5687
was published
May 17, 2022
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers...
High
Unreviewed
CVE-2008-5977
was published
May 17, 2022
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc...
Moderate
Unreviewed
CVE-2008-5954
was published
May 17, 2022
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender...
High
Unreviewed
CVE-2008-5617
was published
May 17, 2022
SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute...
High
Unreviewed
CVE-2008-6019
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone...
Moderate
Unreviewed
CVE-2008-5971
was published
May 17, 2022
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the...
High
Unreviewed
CVE-2008-6767
was published
May 17, 2022
internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end execution when an invalid...
Moderate
Unreviewed
CVE-2008-6774
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x...
Moderate
Unreviewed
CVE-2008-6275
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier Flahaut URLStreet 1.0 allows...
Moderate
Unreviewed
CVE-2008-6205
was published
May 17, 2022
Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of...
High
Unreviewed
CVE-2008-6703
was published
May 17, 2022
JBook stores sensitive information under the web root with insufficient access control, which...
Moderate
Unreviewed
CVE-2008-6375
was published
May 17, 2022
connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and...
High
Unreviewed
CVE-2008-6799
was published
May 17, 2022
Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input...
Moderate
Unreviewed
CVE-2008-6533
was published
May 17, 2022
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a...
High
Unreviewed
CVE-2021-20019
was published
May 24, 2022
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1...
High
Unreviewed
CVE-2008-6711
was published
May 17, 2022
Potential speculative code store bypass in all supported CPU products, in conjunction with...
Moderate
Unreviewed
CVE-2021-26313
was published
May 24, 2022
A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This...
High
Unreviewed
CVE-2020-7870
was published
May 24, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote...
Moderate
Unreviewed
CVE-2008-6762
was published
May 17, 2022
In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an...
High
Unreviewed
CVE-2021-33286
was published
May 24, 2022
Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1,...
Moderate
Unreviewed
CVE-2008-6160
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows...
Low
Unreviewed
CVE-2008-6170
was published
May 17, 2022
Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote...
Moderate
Unreviewed
CVE-2008-6129
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API