GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
348,368 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions starting with 13.11, 13.12...
Moderate
Unreviewed
CVE-2021-22234
was published
May 24, 2022
The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place...
High
Unreviewed
CVE-2021-24565
was published
May 24, 2022
Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact and attack vectors related to...
Moderate
Unreviewed
CVE-2008-5319
was published
May 17, 2022
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding...
High
Unreviewed
CVE-2021-21857
was published
May 24, 2022
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding...
High
Unreviewed
CVE-2021-21853
was published
May 24, 2022
Go before 1.15.12 and 1.16.x before 1.16.5 allows injection.
High
Unreviewed
CVE-2021-33195
was published
May 24, 2022
** DISPUTED ** The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi)...
High
Unreviewed
CVE-2008-5186
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and...
Moderate
Unreviewed
CVE-2008-6169
was published
May 17, 2022
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL...
High
Unreviewed
CVE-2008-6189
was published
May 17, 2022
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial...
Moderate
Unreviewed
CVE-2008-6670
was published
May 17, 2022
Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a...
Critical
Unreviewed
CVE-2012-2778
was published
May 17, 2022
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is...
High
Unreviewed
CVE-2008-6171
was published
May 17, 2022
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call...
Moderate
Unreviewed
CVE-2021-39257
was published
May 24, 2022
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable...
High
Unreviewed
CVE-2021-35940
was published
May 24, 2022
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible...
Critical
Unreviewed
CVE-2021-0276
was published
May 24, 2022
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key...
Moderate
Unreviewed
CVE-2021-34558
was published
May 24, 2022
Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235,...
Moderate
Unreviewed
CVE-2008-6436
was published
May 17, 2022
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server...
Moderate
Unreviewed
CVE-2008-5133
was published
May 17, 2022
Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient...
Moderate
Unreviewed
CVE-2008-5128
was published
May 17, 2022
Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya...
Moderate
Unreviewed
CVE-2008-6575
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR...
Moderate
Unreviewed
CVE-2008-6449
was published
May 17, 2022
Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability....
Critical
Unreviewed
CVE-2017-11274
was published
May 17, 2022
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x...
High
Unreviewed
CVE-2008-6577
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H...
Moderate
Unreviewed
CVE-2008-6465
was published
May 17, 2022
Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability....
High
Unreviewed
CVE-2017-11279
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API