GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
904 advisories
ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary code via a (1) --pager, (2)...
Moderate, Unreviewed. CVE-2013-7069 was published May 17, 2022

The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used with unspecified third...
Moderate, Unreviewed. CVE-2013-6385 was published May 17, 2022

The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x...
Moderate, Unreviewed. CVE-2013-4446 was published May 17, 2022

tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP...
Moderate, Unreviewed. CVE-2013-2208 was published May 17, 2022

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x...
Moderate, Unreviewed. CVE-2013-1899 was published May 17, 2022

CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain...
Moderate, Unreviewed. CVE-2013-6009 was published May 17, 2022

The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators...
Moderate, Unreviewed. CVE-2013-6366 was published May 17, 2022

CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6...
Moderate, Unreviewed. CVE-2013-2582 was published May 17, 2022

NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code...
Moderate, Unreviewed. CVE-2013-3631 was published May 17, 2022

CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13...
Moderate, Unreviewed. CVE-2013-3373 was published May 17, 2022

Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB function in the Project...
Moderate, Unreviewed. CVE-2013-3244 was published May 17, 2022

The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute...
Moderate, Unreviewed. CVE-2012-4008 was published May 17, 2022

Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the...
Moderate, Unreviewed. CVE-2011-5147 was published May 17, 2022

An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2)...
Moderate, Unreviewed. CVE-2013-3402 was published May 17, 2022

The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote...
Moderate, Unreviewed. CVE-2012-4009 was published May 17, 2022

html/System-Files.php in the System File Overview feature in the NeDi component in GroundWork...
Moderate, Unreviewed. CVE-2013-3508 was published May 17, 2022

Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before...
Moderate, Unreviewed. CVE-2013-1647 was published May 17, 2022

The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote...
Moderate, Unreviewed. CVE-2012-2085 was published May 17, 2022

The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView...
Moderate, Unreviewed. CVE-2012-4017 was published May 17, 2022

The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated...
Moderate, Unreviewed. CVE-2012-5537 was published May 17, 2022

Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0...
Moderate, Unreviewed. CVE-2012-4884 was published May 17, 2022

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X,...
Moderate, Unreviewed. CVE-2012-4143 was published May 17, 2022

The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and...
Moderate, Unreviewed. CVE-2012-4427 was published May 17, 2022

Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in...
Moderate, Unreviewed. CVE-2012-1625 was published May 17, 2022

Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to...
Moderate, Unreviewed. CVE-2008-5108 was published May 17, 2022