Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

87,228 advisories

Loading
A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF)... High Unreviewed
CVE-2011-3582 was published Apr 22, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module. High Unreviewed
CVE-2011-4322 was published Apr 22, 2022
A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in... High Unreviewed
CVE-2011-2934 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank... High Unreviewed
CVE-2011-2187 was published Apr 22, 2022
The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. High Unreviewed
CVE-2011-4310 was published Apr 22, 2022
A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain... High Unreviewed
CVE-2011-4082 was published Apr 22, 2022
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way... High Unreviewed
CVE-2011-3630 was published Apr 22, 2022
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local... High Unreviewed
CVE-2011-3632 was published Apr 22, 2022
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT... High Unreviewed
CVE-2011-3596 was published Apr 22, 2022
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to... High Unreviewed
CVE-2011-3355 was published Apr 22, 2022
openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system... High Unreviewed
CVE-2011-3351 was published Apr 22, 2022
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. High Unreviewed
CVE-2011-0529 was published Apr 22, 2022
ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local... High Unreviewed
CVE-2011-2922 was published Apr 22, 2022
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files... High Unreviewed
CVE-2011-3349 was published Apr 22, 2022
tog-Pegasus has a package hash collision DoS vulnerability High Unreviewed
CVE-2011-4967 was published Apr 22, 2022
The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a... High Unreviewed
CVE-2011-2910 was published Apr 22, 2022
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the... High Unreviewed
CVE-2011-2726 was published Apr 22, 2022
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow... High Unreviewed
CVE-2011-1145 was published Apr 22, 2022
gpw generates shorter passwords than required High Unreviewed
CVE-2011-4931 was published Apr 22, 2022
Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability... High Unreviewed
CVE-2011-2538 was published Apr 22, 2022
The user-access-manager plugin before 1.2 for WordPress has CSRF. High Unreviewed
CVE-2011-5328 was published Apr 22, 2022
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so. High Unreviewed
CVE-2011-1830 was published Apr 22, 2022
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can... High Unreviewed
CVE-2010-2061 was published Apr 21, 2022
Tiki Wiki CMS Groupware 5.2 has CSRF High Unreviewed
CVE-2010-4241 was published Apr 21, 2022
On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell... High Unreviewed
CVE-2009-5157 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API