GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,670 advisories
An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id...
Critical, Unreviewed. CVE-2019-12350 was published Jun 3, 2022

The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18...
Moderate, Unreviewed. CVE-2022-28051 was published Jun 7, 2022

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3...
High, Unreviewed. CVE-2022-22396 was published Jun 7, 2022

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net...
High, Unreviewed. CVE-2022-1966 was published Jun 7, 2022

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the...
Moderate, Unreviewed. CVE-2021-42202 was published Jun 3, 2022

In Afian Filerun 20220202, lack of sanitization of the POST parameter "metadata[]" in `/?module...
High, Unreviewed. CVE-2022-30469 was published Jun 7, 2022

Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension...
High, Unreviewed. CVE-2010-1572 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the eTracker module before 6.x-1.2 for Drupal allows...
Moderate, Unreviewed. CVE-2010-1543 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to...
Moderate, Unreviewed. CVE-2010-1611 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9,...
Moderate, Unreviewed. CVE-2010-1667 was published May 17, 2022

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
High, Unreviewed. CVE-2022-20806 was published May 28, 2022

In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2022-21752 was published Jun 7, 2022

In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This...
Moderate, Unreviewed. CVE-2022-21756 was published Jun 7, 2022

LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match_dialog.php key XSS.
Moderate, Unreviewed. CVE-2022-31498 was published Jun 7, 2022

Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental...
Critical, Unreviewed. CVE-2022-32019 was published Jun 3, 2022

Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system...
High, Unreviewed. CVE-2022-32024 was published Jun 3, 2022

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category...
High, Unreviewed. CVE-2022-32013 was published Jun 3, 2022

An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the...
High, Unreviewed. CVE-2021-42201 was published Jun 3, 2022

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company...
High, Unreviewed. CVE-2022-32007 was published Jun 3, 2022

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q...
High, Unreviewed. CVE-2022-32017 was published Jun 3, 2022

SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin...
Moderate, Unreviewed. CVE-2022-28479 was published Jun 7, 2022

Server-Side Request Forgery in Jodd HTTP
High. CVE-2022-29631 was published for org.jodd:jodd-http (Maven) Jun 7, 2022

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an Access...
High, Unreviewed. CVE-2022-38427 was published Sep 17, 2022

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of...
Moderate, Unreviewed. CVE-2022-28854 was published Sep 17, 2022
ProTip! Advisories are also available from the GraphQL API