Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,640 advisories

Loading
Missing input validation can lead to command execution in composer High
CVE-2022-24828 was published for composer/composer (Composer) Apr 22, 2022
thomas-chauchefoin-sonarsource
Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to... Critical Unreviewed
CVE-2011-4124 was published Apr 22, 2022
The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. High Unreviewed
CVE-2011-4310 was published Apr 22, 2022
Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM... Critical Unreviewed
CVE-2011-4120 was published Apr 22, 2022
Smarty3 Arbitrary PHP Code Execution Critical
CVE-2011-1028 was published for smarty/smarty (Composer) Apr 22, 2022
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. High Unreviewed
CVE-2011-0529 was published Apr 22, 2022
ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local... High Unreviewed
CVE-2011-2922 was published Apr 22, 2022
tog-Pegasus has a package hash collision DoS vulnerability High Unreviewed
CVE-2011-4967 was published Apr 22, 2022
nginx http proxy module does not verify peer identity of https origin server which could... Moderate Unreviewed
CVE-2011-4968 was published Apr 22, 2022
In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may... Critical Unreviewed
CVE-2011-0703 was published Apr 22, 2022
Typo3 Arbitrary File Delete Moderate
CVE-2011-4902 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Improper Access Control Moderate
CVE-2011-4904 was published for typo3/cms (Composer) Apr 22, 2022
A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration... High Unreviewed
CVE-2022-20783 was published Apr 22, 2022
Dell EMC iDRAC8 versions 2.81.81 and earlier contain a denial of service vulnerability. A remote... High Unreviewed
CVE-2022-24423 was published Apr 22, 2022
Rbot Reaction plugin allows command execution Critical Unreviewed
CVE-2010-2446 was published Apr 21, 2022
TYPO3 is vulnerable to Spam Abuse in the native form content element Moderate
CVE-2010-3667 was published for typo3/cms-frontend (Composer) Apr 21, 2022
Mumble: murmur-server has DoS due to malformed client query Moderate Unreviewed
CVE-2010-2490 was published Apr 21, 2022
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can... High Unreviewed
CVE-2010-2061 was published Apr 21, 2022
qtparted has insecure library loading which may allow arbitrary code execution Critical Unreviewed
CVE-2010-3375 was published Apr 21, 2022
paxtest handles temporary files insecurely Moderate Unreviewed
CVE-2010-3373 was published Apr 21, 2022
Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile... High Unreviewed
CVE-2010-1678 was published Apr 21, 2022
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion Critical Unreviewed
CVE-2010-4239 was published Apr 21, 2022
mailscanner can allow local users to prevent virus signatures from being updated Moderate Unreviewed
CVE-2010-3293 was published Apr 21, 2022
The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for... Moderate Unreviewed
CVE-2009-5158 was published Apr 21, 2022
SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was... High Unreviewed
CVE-2007-6763 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database