GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
904 advisories
Filter by severity
Arbitrary Code Injection in mobile-icon-resizer
Moderate
GHSA-mxjr-xmcg-fg7w
was published
for
mobile-icon-resizer
(npm)
Jun 27, 2019
Object injection in cookie driver in phpfastcache
Moderate
CVE-2019-16774
was published
for
phpfastcache/phpfastcache
(Composer)
Dec 12, 2019
XML-RPC for PHP's `Wrapper::buildClientWrapperCode` method allows code injection via malicious `$client` argument
Moderate
GHSA-7vcx-v65q-9wpg
was published
for
phpxmlrpc/phpxmlrpc
(Composer)
Jan 11, 2023
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x...
Moderate
Unreviewed
CVE-2010-4572
was published
May 17, 2022
Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs
Moderate
CVE-2021-32822
was published
for
hbs
(npm)
Sep 2, 2021
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which...
Moderate
Unreviewed
CVE-2021-38745
was published
Mar 22, 2022
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly...
Moderate
Unreviewed
CVE-2010-2809
was published
May 17, 2022
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection.
Moderate
Unreviewed
CVE-2021-45655
was published
Dec 27, 2021
Improper Control of Generation of Code in Spring Security
Moderate
CVE-2011-2732
was published
for
org.springframework.security:spring-security-core
(Maven)
May 17, 2022
Improper Control of Generation of Code in Apache Kafka
Moderate
CVE-2018-1288
was published
for
org.apache.kafka:kafka
(Maven)
May 13, 2022
Improper Control of Generation of Code in HawtJNI
Moderate
CVE-2013-2035
was published
for
org.fusesource.hawtjni:hawtjni-runtime
(Maven)
May 17, 2022
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when...
Moderate
Unreviewed
CVE-2010-2677
was published
May 17, 2022
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,...
Moderate
Unreviewed
CVE-2021-29113
was published
Dec 8, 2021
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when...
Moderate
Unreviewed
CVE-2010-2618
was published
May 17, 2022
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2,...
Moderate
Unreviewed
CVE-2010-2358
was published
May 17, 2022
PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when...
Moderate
Unreviewed
CVE-2010-1978
was published
May 17, 2022
Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka...
Moderate
Unreviewed
CVE-2010-1546
was published
May 17, 2022
MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel....
Moderate
Unreviewed
CVE-2021-39402
was published
May 24, 2022
Multiple PHP remote file inclusion vulnerabilities in openMairie openCimetiere 2.01, when...
Moderate
Unreviewed
CVE-2010-1944
was published
May 17, 2022
The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers...
Moderate
Unreviewed
CVE-2008-6531
was published
May 17, 2022
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors...
Moderate
Unreviewed
CVE-2008-6373
was published
May 17, 2022
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals...
Moderate
Unreviewed
CVE-2008-7183
was published
May 17, 2022
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when...
Moderate
Unreviewed
CVE-2010-1528
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API