GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,640 advisories
Missing input validation can lead to command execution in composer
High
CVE-2022-24828 was published for composer/composer (Composer) on Apr 22, 2022

Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to...
Critical, Unreviewed
CVE-2011-4124 was published on Apr 22, 2022

The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.
High, Unreviewed
CVE-2011-4310 was published on Apr 22, 2022

Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM...
Critical, Unreviewed
CVE-2011-4120 was published on Apr 22, 2022

Smarty3 Arbitrary PHP Code Execution
Critical
CVE-2011-1028 was published for smarty/smarty (Composer) on Apr 22, 2022

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
High, Unreviewed
CVE-2011-0529 was published on Apr 22, 2022

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local...
High, Unreviewed
CVE-2011-2922 was published on Apr 22, 2022

tog-Pegasus has a package hash collision DoS vulnerability
High, Unreviewed
CVE-2011-4967 was published on Apr 22, 2022

nginx http proxy module does not verify peer identity of https origin server which could...
Moderate, Unreviewed
CVE-2011-4968 was published on Apr 22, 2022

In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may...
Critical, Unreviewed
CVE-2011-0703 was published on Apr 22, 2022

Typo3 Arbitrary File Delete
Moderate
CVE-2011-4902 was published for typo3/cms (Composer) on Apr 22, 2022

Typo3 Improper Access Control
Moderate
CVE-2011-4904 was published for typo3/cms (Composer) on Apr 22, 2022

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration...
High, Unreviewed
CVE-2022-20783 was published on Apr 22, 2022

Dell EMC iDRAC8 versions 2.81.81 and earlier contain a denial of service vulnerability. A remote...
High, Unreviewed
CVE-2022-24423 was published on Apr 22, 2022

Rbot Reaction plugin allows command execution
Critical, Unreviewed
CVE-2010-2446 was published on Apr 21, 2022

TYPO3 is vulnerable to Spam Abuse in the native form content element
Moderate
CVE-2010-3667 was published for typo3/cms-frontend (Composer) on Apr 21, 2022

Mumble: murmur-server has DoS due to malformed client query
Moderate, Unreviewed
CVE-2010-2490 was published on Apr 21, 2022

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can...
High, Unreviewed
CVE-2010-2061 was published on Apr 21, 2022

qtparted has insecure library loading which may allow arbitrary code execution
Critical, Unreviewed
CVE-2010-3375 was published on Apr 21, 2022

paxtest handles temporary files insecurely
Moderate, Unreviewed
CVE-2010-3373 was published on Apr 21, 2022

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile...
High, Unreviewed
CVE-2010-1678 was published on Apr 21, 2022

Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
Critical, Unreviewed
CVE-2010-4239 was published on Apr 21, 2022

mailscanner can allow local users to prevent virus signatures from being updated
Moderate, Unreviewed
CVE-2010-3293 was published on Apr 21, 2022

The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for...
Moderate, Unreviewed
CVE-2009-5158 was published on Apr 21, 2022

SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was...
High, Unreviewed
CVE-2007-6763 was published on Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API