GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,554 advisories
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote...
High | Unreviewed | CVE-2004-1928 was published Apr 29, 2022
TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote...
High | Unreviewed | CVE-2004-1386 was published Apr 29, 2022
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to...
High | Unreviewed | CVE-2004-1019 was published Apr 29, 2022
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition,...
High | Unreviewed | CVE-2004-0840 was published Apr 29, 2022
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters...
High | Unreviewed | CVE-2004-0411 was published Apr 29, 2022
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers...
High | Unreviewed | CVE-2003-1487 was published Apr 29, 2022
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service ...
High | Unreviewed | CVE-2003-1490 was published Apr 29, 2022
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the...
High | Unreviewed | CVE-2003-1425 was published Apr 29, 2022
PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers...
High | Unreviewed | CVE-2003-1402 was published Apr 29, 2022
DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1...
High | Unreviewed | CVE-2003-1405 was published Apr 29, 2022
foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct...
High | Unreviewed | CVE-2003-1403 was published Apr 29, 2022
Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows...
High | Unreviewed | CVE-2003-1364 was published Apr 29, 2022
Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2003-1003 was published Apr 29, 2022
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly...
High | Unreviewed | CVE-2003-0825 was published Apr 29, 2022
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service ...
High | Unreviewed | CVE-2003-0567 was published Apr 29, 2022
Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An...
High | Unreviewed | CVE-2022-1509 was published Apr 29, 2022
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c,...
High | Unreviewed | CVE-2022-28193 was published Apr 28, 2022
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function
High | Unreviewed | CVE-2012-6111 was published Apr 23, 2022
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which...
High | Unreviewed | CVE-2012-3409 was published Apr 23, 2022
FreeBSD: Input Validation Flaw allows local users to gain elevated privileges
High | Unreviewed | CVE-2012-4576 was published Apr 23, 2022
An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.
High | Unreviewed | CVE-2012-2248 was published Apr 23, 2022
pam_shield before 0.9.4: Default configuration does not perform protective action
High | Unreviewed | CVE-2012-2350 was published Apr 23, 2022
mono 2.10.x ASP.NET Web Form Hash collision DoS
High | Unreviewed | CVE-2012-3543 was published Apr 23, 2022
xlockmore before 5.43 'dclock' security bypass vulnerability
High | Unreviewed | CVE-2012-4524 was published Apr 23, 2022
Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to...
High | Unreviewed | CVE-2012-6070 was published Apr 23, 2022
ProTip! Advisories are also available from the GraphQL API.