GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

817 advisories

Filter by severity

Sort by

Least recently updated

PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals... Moderate Unreviewed

CVE-2006-0725 was published May 1, 2022

Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals... Moderate Unreviewed

CVE-2006-0659 was published May 1, 2022

Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible... Moderate Unreviewed

CVE-2006-0332 was published May 1, 2022

GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user... Moderate Unreviewed

CVE-2006-0236 was published May 1, 2022

Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject... Moderate Unreviewed

CVE-2006-0207 was published May 1, 2022

The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote... Moderate Unreviewed

CVE-2005-4874 was published May 1, 2022

WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users... Moderate Unreviewed

CVE-2005-4209 was published May 1, 2022

PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique... Moderate Unreviewed

CVE-2005-3571 was published May 1, 2022

Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when... Moderate Unreviewed

CVE-2005-3554 was published May 1, 2022

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in... Moderate Unreviewed

CVE-2005-2498 was published May 1, 2022

PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote... Moderate Unreviewed

CVE-2005-1996 was published May 1, 2022

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with... Moderate Unreviewed

CVE-2005-1876 was published May 1, 2022

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is... Moderate Unreviewed

CVE-2005-1527 was published May 1, 2022

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT... Moderate Unreviewed

CVE-2005-0709 was published May 1, 2022

PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared... Moderate Unreviewed

CVE-2005-0227 was published May 1, 2022

PHP remote file inclusion vulnerability in thatfile.php in Thatware 0.3 through 0.5.2 allows... Moderate Unreviewed

CVE-2002-2299 was published Apr 30, 2022

PHP remote file inclusion vulnerability in artlist.php in Thatware 0.5.2 and 0.5.3 allows remote... Moderate Unreviewed

CVE-2002-2297 was published Apr 30, 2022

PHP remote file inclusion vulnerability in config.php in Thatware 0.3 through 0.5.3 allows remote... Moderate Unreviewed

CVE-2002-2298 was published Apr 30, 2022

csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary... Moderate Unreviewed

CVE-2002-1750 was published Apr 30, 2022

csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute... Moderate Unreviewed

CVE-2002-1753 was published Apr 30, 2022

csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl... Moderate Unreviewed

CVE-2002-1752 was published Apr 30, 2022

The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files... Moderate Unreviewed

CVE-1999-0891 was published Apr 30, 2022

PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows... Moderate Unreviewed

CVE-2004-2740 was published Apr 29, 2022

PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers... Moderate Unreviewed

CVE-2004-1419 was published Apr 29, 2022

Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with... Moderate Unreviewed

CVE-2004-0637 was published Apr 29, 2022

Previous 1 2 … 29 30 31 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

817 advisories