GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 41
Go: 3,003
Maven: 5,000+
npm: 4,732
NuGet: 788
pip: 4,341
Pub: 12
RubyGems: 987
Rust: 1,137
Swift: 50

Unreviewed advisories
All unreviewed: 5,000+
317,007 advisories
Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition...
Moderate | Unreviewed | CVE-2008-6894 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote...
Moderate | Unreviewed | CVE-2008-7018 was published May 17, 2022

The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on...
High | Unreviewed | CVE-2017-11742 was published May 17, 2022

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an...
High | Unreviewed | CVE-2017-6259 was published May 17, 2022

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to...
Moderate | Unreviewed | CVE-2017-7947 was published May 17, 2022

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ...
Moderate | Unreviewed | CVE-2017-10093 was published May 17, 2022

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper...
Moderate | Unreviewed | CVE-2017-6260 was published May 17, 2022

Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of...
Critical | Unreviewed | CVE-2017-11673 was published May 17, 2022

Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.
High | Unreviewed | CVE-2017-12067 was published May 17, 2022

SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote...
High | Unreviewed | CVE-2008-6887 was published May 17, 2022

A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This...
High | Unreviewed | CVE-2020-7870 was published May 24, 2022

Potential speculative code store bypass in all supported CPU products, in conjunction with...
Moderate | Unreviewed | CVE-2021-26313 was published May 24, 2022

A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a...
High | Unreviewed | CVE-2021-20019 was published May 24, 2022

Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a hardcoded password, which...
Low | Unreviewed | CVE-2008-6191 was published May 17, 2022

The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with...
Moderate | Unreviewed | CVE-2008-6707 was published May 17, 2022

JBook stores sensitive information under the web root with insufficient access control, which...
Moderate | Unreviewed | CVE-2008-6375 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Camera Life 2.6.2b8 allow remote attackers...
Moderate | Unreviewed | CVE-2008-6295 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in MODx before 0.9.6.3 allow remote attackers...
Moderate | Unreviewed | CVE-2008-5942 was published May 17, 2022

Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows...
Moderate | Unreviewed | CVE-2008-5821 was published May 17, 2022

Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1...
High | Unreviewed | CVE-2008-5791 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3...
Moderate | Unreviewed | CVE-2008-5734 was published May 17, 2022

internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end execution when an invalid...
Moderate | Unreviewed | CVE-2008-6774 was published May 17, 2022

connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and...
High | Unreviewed | CVE-2008-6799 was published May 17, 2022

wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the...
High | Unreviewed | CVE-2008-6767 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote...
Moderate | Unreviewed | CVE-2008-6035 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.