Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11,577 advisories

Loading
Microsoft SharePoint Spoofing Vulnerability Moderate Unreviewed
CVE-2021-24104 was published May 24, 2022
Improper Input Validation in Apache Batik Moderate
CVE-2015-0250 was published for org.apache.xmlgraphics:batik (Maven) May 17, 2022
Improper Input Validation in Jenkins Low
CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
When a user opens manipulated Portable Document Format (.PDF) files received from untrusted... Moderate Unreviewed
CVE-2021-27595 was published May 24, 2022
Improper Input Validation in strapi Moderate
CVE-2020-13961 was published for strapi (npm) May 24, 2022
Improper Input Validation in Drools and jBPM High
CVE-2014-8125 was published for org.drools:drools-core (Maven) May 17, 2022
An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the... High Unreviewed
CVE-2018-4026 was published May 24, 2022
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php ... Moderate Unreviewed
CVE-2020-11579 was published May 24, 2022
Improper Input Validation in Bouncy Castle Moderate
CVE-2013-1624 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 14, 2022
Improper Input Validation in Deap Critical
CVE-2018-3749 was published for deap (npm) May 14, 2022
Improper Input Validation in Apache Qpid AMQP 0-x JMS High
CVE-2016-4974 was published for org.apache.qpid:qpid-jms-client (Maven) May 14, 2022
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating... Moderate Unreviewed
CVE-2020-12391 was published May 24, 2022
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the ... Moderate Unreviewed
CVE-2022-4033 was published Nov 29, 2022
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1... High Unreviewed
CVE-2016-1351 was published May 17, 2022
ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain... High Unreviewed
CVE-2021-27230 was published May 24, 2022
There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a... High Unreviewed
CVE-2021-3487 was published May 24, 2022
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents... Moderate Unreviewed
CVE-2021-26029 was published May 24, 2022
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the... Moderate Unreviewed
CVE-2021-28150 was published May 24, 2022
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able... High Unreviewed
CVE-2020-24985 was published May 24, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... Moderate Unreviewed
CVE-2021-44385 was published Jan 29, 2022
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a... Moderate Unreviewed
CVE-2021-30540 was published May 24, 2022
When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted... Moderate Unreviewed
CVE-2021-27596 was published May 24, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).... Moderate Unreviewed
CVE-2017-3258 was published May 14, 2022
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31950, CVE... High Unreviewed
CVE-2021-31948 was published May 24, 2022
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on... Critical Unreviewed
CVE-2018-4018 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database