Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

244,411 advisories

Loading
The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4... Low Unreviewed
CVE-2010-1548 was published May 17, 2022
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla!... High Unreviewed
CVE-2010-1493 was published May 17, 2022
Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote... High Unreviewed
CVE-2008-6207 was published May 17, 2022
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers... High Unreviewed
CVE-2008-6136 was published May 17, 2022
In all Qualcomm products with Android release from CAF using the Linux kernel, while processing... High Unreviewed
CVE-2017-8273 was published May 17, 2022
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack... Moderate Unreviewed
CVE-2008-6131 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System... Moderate Unreviewed
CVE-2008-6192 was published May 17, 2022
EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions... High Unreviewed
CVE-2008-6137 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows... Moderate Unreviewed
CVE-2008-6174 was published May 17, 2022
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. High Unreviewed
CVE-2017-3107 was published May 17, 2022
Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in... High Unreviewed
CVE-2017-8518 was published May 17, 2022
Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3... High Unreviewed
CVE-2008-6158 was published May 17, 2022
SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute... High Unreviewed
CVE-2008-6203 was published May 17, 2022
GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow vulnerability in... High Unreviewed
CVE-2020-24977 was published May 24, 2022
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed
CVE-2021-21013 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the... High Unreviewed
CVE-2020-13987 was published May 24, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will... High Unreviewed
CVE-2018-7580 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4,... Moderate Unreviewed
CVE-2021-30709 was published May 24, 2022
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.... High Unreviewed
CVE-2021-40382 was published May 24, 2022
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly... Moderate Unreviewed
CVE-2021-28135 was published May 24, 2022
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability... Moderate Unreviewed
CVE-2021-24355 was published May 24, 2022
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC)... High Unreviewed
CVE-2021-1579 was published May 24, 2022
An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to... Critical Unreviewed
CVE-2021-33885 was published May 24, 2022
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability... High Unreviewed
CVE-2021-24356 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API