GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
819 advisories
The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in...
Moderate, Unreviewed. CVE-2021-33493 was published Nov 23, 2021

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate, Unreviewed. CVE-2021-43221 was published Nov 25, 2021

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute...
Moderate, Unreviewed. CVE-2021-38967 was published Dec 1, 2021

A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,...
Moderate, Unreviewed. CVE-2021-29113 was published Dec 8, 2021

NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection.
Moderate, Unreviewed. CVE-2021-45655 was published Dec 27, 2021

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique...
Moderate, Unreviewed. CVE-2022-21928 was published Jan 12, 2022

Template injection (Improper Neutralization of Special Elements Used in a Template Engine)...
Moderate, Unreviewed. CVE-2022-23810 was published Feb 25, 2022

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which...
Moderate, Unreviewed. CVE-2021-38745 was published Mar 22, 2022

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible
Moderate, Unreviewed. CVE-2022-29815 was published Apr 29, 2022

In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
Moderate, Unreviewed. CVE-2022-29813 was published Apr 29, 2022

ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code,...
Moderate, Unreviewed. CVE-2003-1385 was published Apr 29, 2022

PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2...
Moderate, Unreviewed. CVE-2003-1410 was published Apr 29, 2022

PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0...
Moderate, Unreviewed. CVE-2003-1412 was published Apr 29, 2022

PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric...
Moderate, Unreviewed. CVE-2003-1411 was published Apr 29, 2022

PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows...
Moderate, Unreviewed. CVE-2003-1436 was published Apr 29, 2022

Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote...
Moderate, Unreviewed. CVE-2003-1459 was published Apr 29, 2022

PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote...
Moderate, Unreviewed. CVE-2003-1500 was published Apr 29, 2022

Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with...
Moderate, Unreviewed. CVE-2004-0637 was published Apr 29, 2022

PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers...
Moderate, Unreviewed. CVE-2004-1419 was published Apr 29, 2022

PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows...
Moderate, Unreviewed. CVE-2004-2740 was published Apr 29, 2022

The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files...
Moderate, Unreviewed. CVE-1999-0891 was published Apr 30, 2022

csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl...
Moderate, Unreviewed. CVE-2002-1752 was published Apr 30, 2022

csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute...
Moderate, Unreviewed. CVE-2002-1753 was published Apr 30, 2022

csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary...
Moderate, Unreviewed. CVE-2002-1750 was published Apr 30, 2022

PHP remote file inclusion vulnerability in config.php in Thatware 0.3 through 0.5.3 allows remote...
Moderate, Unreviewed. CVE-2002-2298 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API