GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,629 advisories
A vulnerability was found in Everywhere CMS. It has been classified as critical. Affected is an...
High • Unreviewed • CVE-2020-36537 was published Jun 8, 2022

Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in Pre ASP Job Board allows...
Moderate • Unreviewed • CVE-2008-6847 was published May 17, 2022

RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user...
Moderate • Unreviewed • CVE-2008-6886 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows...
Moderate • Unreviewed • CVE-2008-6888 was published May 17, 2022

phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain...
Moderate • Unreviewed • CVE-2008-6999 was published May 17, 2022

Directory traversal vulnerability in admin/index.php in Article Friendly, when magic_quotes_gpc...
Moderate • Unreviewed • CVE-2010-2136 was published May 17, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical • Unreviewed • CVE-2022-30918 was published Jun 9, 2022

The Video Slider WordPress plugin before 1.4.8 does not sanitize or escape some of its video...
Moderate • Unreviewed • CVE-2022-1541 was published Jun 9, 2022

An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to...
Moderate • Unreviewed • CVE-2022-29627 was published Jun 3, 2022

Unicorn Engine v1.0.3 was discovered to contain a use-after-free vulnerability via the hook...
High • Unreviewed • CVE-2022-29692 was published Jun 3, 2022

Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to...
High • Unreviewed • CVE-2022-30726 was published Jun 8, 2022

Path Traversal in Git HTTP endpoints in Gogs
High • CVE-2022-1993 was published for gogs.io/gogs (Go) Jun 8, 2022

A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is...
High • Unreviewed • CVE-2020-14125 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical • Unreviewed • CVE-2022-30926 was published Jun 9, 2022

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the...
Moderate • Unreviewed • CVE-2022-1241 was published Jun 9, 2022

BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration...
Moderate • Unreviewed • CVE-2022-30277 was published Jun 3, 2022

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in...
Critical • Unreviewed • CVE-2022-30423 was published Jun 3, 2022

Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in ...
Critical • Unreviewed • CVE-2022-30490 was published Jun 3, 2022

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin...
High • Unreviewed • CVE-2022-30795 was published Jun 3, 2022

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers...
Critical • Unreviewed • CVE-2022-30712 was published Jun 8, 2022

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022...
Moderate • Unreviewed • CVE-2022-30721 was published Jun 8, 2022

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022...
Moderate • Unreviewed • CVE-2022-30720 was published Jun 8, 2022

Unserialized Pop Chain in Laravel
Critical • CVE-2022-31279 was published for laravel/laravel (Composer) Jun 8, 2022 • withdrawn

libmobi before v0.10 contains a NULL pointer dereference via the component mobi_buffer_getpointer...
Moderate • Unreviewed • CVE-2022-29788 was published Jun 3, 2022

Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service ("runtime...
Moderate • Unreviewed • CVE-2008-6672 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API