GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23 advisories
Filter by severity
Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect...
Low
Unreviewed
CVE-2006-0388
was published
May 1, 2022
PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2...
Low
Unreviewed
CVE-2006-0723
was published
May 1, 2022
Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*...
Low
Unreviewed
CVE-2006-2312
was published
May 1, 2022
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to...
Low
Unreviewed
CVE-2006-4624
was published
May 1, 2022
CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and...
Low
Unreviewed
CVE-2008-0456
was published
May 1, 2022
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not...
Low
Unreviewed
CVE-2008-3294
was published
May 1, 2022
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM...
Low
Unreviewed
CVE-2010-0155
was published
May 2, 2022
Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to...
Low
Unreviewed
CVE-2012-4791
was published
May 14, 2022
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before...
Low
Unreviewed
CVE-2012-4049
was published
May 14, 2022
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6...
Low
Unreviewed
CVE-2012-1594
was published
May 14, 2022
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1...
Low
Unreviewed
CVE-2012-4048
was published
May 17, 2022
CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere...
Low
Unreviewed
CVE-2013-3998
was published
May 17, 2022
CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before...
Low
Unreviewed
CVE-2013-2950
was published
May 17, 2022
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in...
Low
Unreviewed
CVE-2012-3355
was published
May 17, 2022
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3,...
Low
Unreviewed
CVE-2010-3172
was published
May 17, 2022
cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
Low
Unreviewed
CVE-2018-20896
was published
May 24, 2022
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This...
Low
Unreviewed
CVE-2023-33229
was published
Jul 26, 2023
In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by...
Low
Unreviewed
CVE-2024-0325
was published
Feb 2, 2024
In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by...
Low
Unreviewed
CVE-2024-3995
was published
Jun 29, 2024
A potential JSON injection attack vector exists in PingFederate REST API data stores using the...
Low
Unreviewed
CVE-2024-21832
was published
Jul 10, 2024
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due...
Low
Unreviewed
CVE-2024-22123
was published
Aug 12, 2024
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options...
Low
Unreviewed
CVE-2024-8258
was published
Sep 10, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote...
Low
Unreviewed
CVE-2024-28811
was published
Sep 30, 2024
ProTip!
Advisories are also available from the
GraphQL API