GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
333,287 advisories
Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options,...
High | Unreviewed | CVE-2008-5397 was published May 17, 2022
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2008-6670 was published May 17, 2022
Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote...
Moderate | Unreviewed | CVE-2008-6126 was published May 17, 2022
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel...
High | Unreviewed | CVE-2008-6576 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows...
Moderate | Unreviewed | CVE-2008-6135 was published May 17, 2022
Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1,...
Moderate | Unreviewed | CVE-2008-6160 was published May 17, 2022
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is...
High | Unreviewed | CVE-2008-6171 was published May 17, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 13.11, 13.12...
Moderate | Unreviewed | CVE-2021-22234 was published May 24, 2022
Go before 1.15.12 and 1.16.x before 1.16.5 allows injection.
High | Unreviewed | CVE-2021-33195 was published May 24, 2022
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key...
Moderate | Unreviewed | CVE-2021-34558 was published May 24, 2022
A crafted NTFS image with an unallocated bitmap can lead to an endless recursive function call...
Moderate | Unreviewed | CVE-2021-39257 was published May 24, 2022
The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place...
High | Unreviewed | CVE-2021-24565 was published May 24, 2022
Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is...
High | Unreviewed | CVE-2021-35269 was published May 24, 2022
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible...
Critical | Unreviewed | CVE-2021-0276 was published May 24, 2022
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding...
High | Unreviewed | CVE-2021-21853 was published May 24, 2022
In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an...
High | Unreviewed | CVE-2021-33286 was published May 24, 2022
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding...
High | Unreviewed | CVE-2021-21857 was published May 24, 2022
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable...
High | Unreviewed | CVE-2021-35940 was published May 24, 2022
AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2008-6662 was published May 17, 2022
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL...
High | Unreviewed | CVE-2008-6189 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows...
Low | Unreviewed | CVE-2008-6170 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote...
Moderate | Unreviewed | CVE-2008-6127 was published May 17, 2022
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute...
High | Unreviewed | CVE-2008-6640 was published May 17, 2022
Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack...
High | Unreviewed | CVE-2008-6602 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote...
Moderate | Unreviewed | CVE-2008-6616 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.