Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,470
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,094 advisories

Loading
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a ... High Unreviewed
CVE-2006-1306 was published May 1, 2022
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to... High Unreviewed
CVE-2006-1308 was published May 1, 2022
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a ... High Unreviewed
CVE-2006-1301 was published May 1, 2022
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and... High Unreviewed
CVE-2006-1303 was published May 1, 2022
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote... High Unreviewed
CVE-2006-1154 was published May 1, 2022
config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include... High Unreviewed
CVE-2006-1031 was published May 1, 2022
Eval injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a, when index... High Unreviewed
CVE-2006-0887 was published May 1, 2022
PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows... High Unreviewed
CVE-2006-0854 was published May 1, 2022
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier... High Unreviewed
CVE-2006-0565 was published May 1, 2022
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up... High Unreviewed
CVE-2006-0397 was published May 1, 2022
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up... High Unreviewed
CVE-2006-0399 was published May 1, 2022
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up... High Unreviewed
CVE-2006-0398 was published May 1, 2022
PHP remote file inclusion vulnerability in htmltonuke.php in the htmltonuke 2.0 alpha, and... High Unreviewed
CVE-2006-0308 was published May 1, 2022
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote... High Unreviewed
CVE-2006-0144 was published May 1, 2022
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to... High Unreviewed
CVE-2006-0094 was published May 1, 2022
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote... High Unreviewed
CVE-2006-0064 was published May 1, 2022
PHP remote file include vulnerability in plog-admin-functions.php in Plogger Beta 2 allows remote... High Unreviewed
CVE-2005-4573 was published May 1, 2022
PHP remote file inclusion vulnerability in athena.php in Oliver May Athena PHP Website... High Unreviewed
CVE-2005-3860 was published May 1, 2022
PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to... High Unreviewed
CVE-2005-3859 was published May 1, 2022
PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows... High Unreviewed
CVE-2005-3861 was published May 1, 2022
PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows... High Unreviewed
CVE-2005-3835 was published May 1, 2022
PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to... High Unreviewed
CVE-2005-3775 was published May 1, 2022
The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has... High Unreviewed
CVE-2005-3650 was published May 1, 2022
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute... High Unreviewed
CVE-2005-3302 was published May 1, 2022
Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote... High Unreviewed
CVE-2005-2837 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database