GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,786 advisories
A vulnerability, which was classified as critical, was found in Neetai Tech. Affected is an...
Critical | Unreviewed | CVE-2020-36540 was published Jun 8, 2022

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete...
Critical | Unreviewed | CVE-2022-25361 was published Jun 8, 2022

An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the...
High | Unreviewed | CVE-2022-31483 was published Jun 7, 2022

Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6...
Moderate | Unreviewed | CVE-2022-30733 was published Jun 8, 2022

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an...
High | Unreviewed | CVE-2019-9971 was published Jun 8, 2022

Cross Site Request Forgery in Mingsoft MCMS
High | CVE-2022-29647 was published for net.mingsoft:ms-mcms (Maven) Jun 3, 2022

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL...
Critical | Unreviewed | CVE-2021-44096 was published Jun 3, 2022

Cross site scripting in Jfinal
Moderate | CVE-2022-29648 was published for com.jflyfox:jflyfox_jfinal (Maven) Jun 3, 2022

An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android,...
Moderate | Unreviewed | CVE-2021-43512 was published Jun 3, 2022

A malformed Class 3 common industrial protocol message with a cached connection can cause a...
High | Unreviewed | CVE-2022-1797 was published Jun 3, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate | Unreviewed | CVE-2022-26977 was published Jun 3, 2022

Denial of service in BOOT when partition size for a particular partition is requested due to...
Moderate | Unreviewed | CVE-2022-22078 was published Oct 19, 2022

FlatCore-CMS 2.0.9 has a cross-site scripting (XSS) vulnerability in pages.edit.php through meta...
Moderate | Unreviewed | CVE-2021-42245 was published Jun 7, 2022

Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6...
High | Unreviewed | CVE-2022-30732 was published Jun 8, 2022

A vulnerability was found in Eatan CMS. It has been declared as critical. Affected by this...
High | Unreviewed | CVE-2020-36538 was published Jun 8, 2022

A Command Injection vulnerability in httpd web server (setup.cgi) in SerComm h500s, FW: lowi...
High | Unreviewed | CVE-2021-44080 was published Jun 3, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate | Unreviewed | CVE-2022-26978 was published Jun 3, 2022

Specific BD Pyxis™ products were installed with default credentials and may presently still...
High | Unreviewed | CVE-2022-22767 was published Jun 3, 2022

DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows...
High | Unreviewed | CVE-2022-30744 was published Jun 8, 2022

A vulnerability classified as problematic was found in Countdown Timer. This vulnerability...
Moderate | Unreviewed | CVE-2020-36526 was published Jun 8, 2022

A vulnerability classified as problematic has been found in Linking. This affects an unknown part...
Moderate | Unreviewed | CVE-2020-36525 was published Jun 8, 2022

In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2022-21750 was published Jun 7, 2022

In apusys driver, there is a possible system crash due to an integer overflow. This could lead to...
Moderate | Unreviewed | CVE-2022-21762 was published Jun 7, 2022

joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture...
Moderate | Unreviewed | CVE-2022-30466 was published Jun 8, 2022

** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH...
Moderate | Unreviewed | CVE-2022-29620 was published Jun 8, 2022
ProTip! Advisories are also available from the GraphQL API.