GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,150
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
244,411 advisories
The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4...
Low | Unreviewed | CVE-2010-1548 was published May 17, 2022

SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla!...
High | Unreviewed | CVE-2010-1493 was published May 17, 2022

Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote...
High | Unreviewed | CVE-2008-6207 was published May 17, 2022

Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers...
High | Unreviewed | CVE-2008-6136 was published May 17, 2022

In all Qualcomm products with Android release from CAF using the Linux kernel, while processing...
High | Unreviewed | CVE-2017-8273 was published May 17, 2022

Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack...
Moderate | Unreviewed | CVE-2008-6131 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System...
Moderate | Unreviewed | CVE-2008-6192 was published May 17, 2022

EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions...
High | Unreviewed | CVE-2008-6137 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows...
Moderate | Unreviewed | CVE-2008-6174 was published May 17, 2022

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
High | Unreviewed | CVE-2017-3107 was published May 17, 2022

Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in...
High | Unreviewed | CVE-2017-8518 was published May 17, 2022

Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3...
High | Unreviewed | CVE-2008-6158 was published May 17, 2022

SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute...
High | Unreviewed | CVE-2008-6203 was published May 17, 2022

GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow vulnerability in...
High | Unreviewed | CVE-2020-24977 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when...
High | Unreviewed | CVE-2021-21013 was published May 24, 2022

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the...
High | Unreviewed | CVE-2020-13987 was published May 24, 2022

In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper...
Low | Unreviewed | CVE-2020-0368 was published May 24, 2022

Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will...
High | Unreviewed | CVE-2018-7580 was published May 24, 2022

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4,...
Moderate | Unreviewed | CVE-2021-30709 was published May 24, 2022

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices....
High | Unreviewed | CVE-2021-40382 was published May 24, 2022

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly...
Moderate | Unreviewed | CVE-2021-28135 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability...
Moderate | Unreviewed | CVE-2021-24355 was published May 24, 2022

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC)...
High | Unreviewed | CVE-2021-1579 was published May 24, 2022

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to...
Critical | Unreviewed | CVE-2021-33885 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability...
High | Unreviewed | CVE-2021-24356 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.