Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

817 advisories

Loading
The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in... Moderate Unreviewed
CVE-2021-33493 was published Nov 23, 2021
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2021-43221 was published Nov 25, 2021
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute... Moderate Unreviewed
CVE-2021-38967 was published Dec 1, 2021
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,... Moderate Unreviewed
CVE-2021-29113 was published Dec 8, 2021
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection. Moderate Unreviewed
CVE-2021-45655 was published Dec 27, 2021
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique... Moderate Unreviewed
CVE-2022-21928 was published Jan 12, 2022
Template injection (Improper Neutralization of Special Elements Used in a Template Engine)... Moderate Unreviewed
CVE-2022-23810 was published Feb 25, 2022
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which... Moderate Unreviewed
CVE-2021-38745 was published Mar 22, 2022
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible Moderate Unreviewed
CVE-2022-29813 was published Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible Moderate Unreviewed
CVE-2022-29815 was published Apr 29, 2022
ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code,... Moderate Unreviewed
CVE-2003-1385 was published Apr 29, 2022
PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0... Moderate Unreviewed
CVE-2003-1412 was published Apr 29, 2022
PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2... Moderate Unreviewed
CVE-2003-1410 was published Apr 29, 2022
PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric... Moderate Unreviewed
CVE-2003-1411 was published Apr 29, 2022
PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows... Moderate Unreviewed
CVE-2003-1436 was published Apr 29, 2022
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote... Moderate Unreviewed
CVE-2003-1459 was published Apr 29, 2022
PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote... Moderate Unreviewed
CVE-2003-1500 was published Apr 29, 2022
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with... Moderate Unreviewed
CVE-2004-0637 was published Apr 29, 2022
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers... Moderate Unreviewed
CVE-2004-1419 was published Apr 29, 2022
PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows... Moderate Unreviewed
CVE-2004-2740 was published Apr 29, 2022
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files... Moderate Unreviewed
CVE-1999-0891 was published Apr 30, 2022
csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute... Moderate Unreviewed
CVE-2002-1753 was published Apr 30, 2022
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl... Moderate Unreviewed
CVE-2002-1752 was published Apr 30, 2022
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary... Moderate Unreviewed
CVE-2002-1750 was published Apr 30, 2022
PHP remote file inclusion vulnerability in artlist.php in Thatware 0.5.2 and 0.5.3 allows remote... Moderate Unreviewed
CVE-2002-2297 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database