Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,210 advisories

Loading
Typo3 Arbitrary File Delete Moderate
CVE-2011-4902 was published for typo3/cms (Composer) Apr 22, 2022
Typo3 Improper Access Control Moderate
CVE-2011-4904 was published for typo3/cms (Composer) Apr 22, 2022
TYPO3 is vulnerable to Spam Abuse in the native form content element Moderate
CVE-2010-3667 was published for typo3/cms-frontend (Composer) Apr 21, 2022
Mumble: murmur-server has DoS due to malformed client query Moderate Unreviewed
CVE-2010-2490 was published Apr 21, 2022
paxtest handles temporary files insecurely Moderate Unreviewed
CVE-2010-3373 was published Apr 21, 2022
mailscanner can allow local users to prevent virus signatures from being updated Moderate Unreviewed
CVE-2010-3293 was published Apr 21, 2022
The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for... Moderate Unreviewed
CVE-2009-5158 was published Apr 21, 2022
A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients... Moderate Unreviewed
CVE-2022-20684 was published Apr 16, 2022
A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000... Moderate Unreviewed
CVE-2022-20761 was published Apr 16, 2022
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE... Moderate Unreviewed
CVE-2022-28329 was published Apr 13, 2022
When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted... Moderate Unreviewed
CVE-2022-26107 was published Apr 13, 2022
When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from... Moderate Unreviewed
CVE-2022-26106 was published Apr 13, 2022
When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources... Moderate Unreviewed
CVE-2022-26108 was published Apr 13, 2022
When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from... Moderate Unreviewed
CVE-2022-26109 was published Apr 13, 2022
When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in... Moderate Unreviewed
CVE-2022-27655 was published Apr 13, 2022
When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources... Moderate Unreviewed
CVE-2022-27654 was published Apr 13, 2022
Header Injection Moderate
CVE-2018-1000883 was published for plug (Erlang) Apr 12, 2022
In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2022-20070 was published Apr 12, 2022
In vow, there is a possible read of uninitialized data due to a improper input validation. This... Moderate Unreviewed
CVE-2022-20079 was published Apr 12, 2022
ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to... Moderate Unreviewed
CVE-2022-25595 was published Apr 8, 2022
An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2... Moderate Unreviewed
CVE-2020-29013 was published Apr 7, 2022
A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for... Moderate Unreviewed
CVE-2022-20784 was published Apr 7, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758... Moderate Unreviewed
CVE-2022-0455 was published Apr 6, 2022
IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain... Moderate Unreviewed
CVE-2022-22311 was published Apr 1, 2022
In Messaging, there is a possible way to bypass attachment restrictions due to improper input... Moderate Unreviewed
CVE-2021-39740 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database