GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,487

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

301,090 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-site scripting (XSS) vulnerability in index.php in Extrakt Framework 0.7 allows remote... Moderate Unreviewed

CVE-2008-6217 was published May 17, 2022

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager ... Moderate Unreviewed

CVE-2020-2638 was published May 24, 2022

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted... Low Unreviewed

CVE-2020-16150 was published May 24, 2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed

CVE-2020-14725 was published May 24, 2022

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager ... Moderate Unreviewed

CVE-2020-2646 was published May 24, 2022

In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing... Low Unreviewed

CVE-2020-0067 was published May 24, 2022

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed

CVE-2021-25409 was published May 24, 2022

An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages... Critical Unreviewed

CVE-2021-32607 was published May 24, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara before 1.0.15, 1.1.x before... Moderate Unreviewed

CVE-2010-1668 was published May 17, 2022

Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x... Moderate Unreviewed

CVE-2008-6276 was published May 17, 2022

It has been discovered that redhat-certification does not perform an authorization check and it... Critical Unreviewed

CVE-2018-10866 was published May 24, 2022

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of... Low Unreviewed

CVE-2020-2649 was published May 24, 2022

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager ... Moderate Unreviewed

CVE-2020-2644 was published May 24, 2022

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can... High Unreviewed

CVE-2021-20277 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed

CVE-2021-24191 was published May 24, 2022

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious... Critical Unreviewed

CVE-2021-20236 was published May 24, 2022

Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root... Moderate Unreviewed

CVE-2021-25411 was published May 24, 2022

An issue was discovered in the Linux kernel through 5.7.1. drivers/tty/vt/keyboard.c has an... High Unreviewed

CVE-2020-13974 was published May 24, 2022

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite ... Moderate Unreviewed

CVE-2020-2651 was published May 24, 2022

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others).... Moderate Unreviewed

CVE-2020-2662 was published May 24, 2022

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite ... Moderate Unreviewed

CVE-2020-2652 was published May 24, 2022

Agentflow BPM enterprise management system has improper authentication. A remote attacker with... High Unreviewed

CVE-2022-39038 was published Nov 10, 2022

mm-wiki is vulnerable to Cross-Site Scripting (XSS) Moderate

CVE-2021-40289 was published for github.com/phachon/mm-wiki (Go) Nov 10, 2022

In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config... High Unreviewed

CVE-2022-3461 was published Nov 15, 2022

Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote... High Unreviewed

CVE-2022-42786 was published Nov 10, 2022

Previous 1…369…400 Next

Previous 1 2 … 367 368 369 370 371 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

301,090 advisories