GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,427 advisories
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path...
High | Unreviewed | CVE-2021-40668 was published Jun 10, 2022

Cross-site Scripting in FacturaScripts
Moderate | CVE-2022-2016 was published for facturascripts/facturascripts (Composer) Jun 10, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES...
High | Unreviewed | CVE-2022-25806 was published Jun 10, 2022

Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to...
Moderate | Unreviewed | CVE-2022-28330 was published Jun 10, 2022

A reflected cross-site scripting (XSS) vulnerability exists in the playerConfUrl parameter in the...
Moderate | Unreviewed | CVE-2022-2035 was published Jun 10, 2022

If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where...
High | Unreviewed | CVE-2022-30522 was published Jun 10, 2022

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp.
Moderate | Unreviewed | CVE-2022-32202 was published Jun 3, 2022

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function...
Critical | Unreviewed | CVE-2021-42885 was published Jun 4, 2022

A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418...
Critical | Unreviewed | CVE-2022-29013 was published Jun 10, 2022

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function...
Critical | Unreviewed | CVE-2021-42890 was published Jun 4, 2022

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request...
Critical | Unreviewed | CVE-2021-42887 was published Jun 4, 2022

qDecoder before 12.1.0 does not ensure that the percent character is followed by two hex digits...
Moderate | Unreviewed | CVE-2022-32265 was published Jun 4, 2022

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to...
High | Unreviewed | CVE-2022-26364 was published Jun 10, 2022

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams...
High | Unreviewed | CVE-2022-31981 was published Jun 3, 2022

SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute...
High | Unreviewed | CVE-2010-1743 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siestta 2.0, when...
Moderate | Unreviewed | CVE-2010-1711 was published May 17, 2022

Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote...
High | Unreviewed | CVE-2010-1704 was published May 17, 2022

SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to...
High | Unreviewed | CVE-2010-1726 was published May 17, 2022

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses...
High | Unreviewed | CVE-2008-6564 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in G5-Scripts Auto-Img-Gallery...
Moderate | Unreviewed | CVE-2010-1709 was published May 17, 2022

Citrix Presentation Server Client for Windows before 10.200 does not clear "credential...
Low | Unreviewed | CVE-2008-6561 was published May 17, 2022

Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to...
High | Unreviewed | CVE-2008-6516 was published May 17, 2022

SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute...
High | Unreviewed | CVE-2010-1713 was published May 17, 2022

Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla!...
Moderate | Unreviewed | CVE-2010-1714 was published May 17, 2022

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager ...
Moderate | Unreviewed | CVE-2020-2620 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API