GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,985 advisories
Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon...
High | Unreviewed | CVE-2021-1930 was published May 24, 2022
SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The "Remove file" functionality...
Moderate | Unreviewed | CVE-2022-28478 was published Jun 7, 2022
BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2,...
Moderate | Unreviewed | CVE-2020-6220 was published Jun 7, 2022
Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to...
Moderate | Unreviewed | CVE-2008-6470 was published May 17, 2022
PHP remote file inclusion vulnerability in news/include/createdb.php in Web Server Creator Web...
High | Unreviewed | CVE-2008-6545 was published May 17, 2022
In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This...
Moderate | Unreviewed | CVE-2022-21755 was published Jun 7, 2022
In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead...
High | Unreviewed | CVE-2022-21745 was published Jun 7, 2022
In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2022-21746 was published Jun 7, 2022
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could...
Critical | Unreviewed | CVE-2022-31768 was published Jun 7, 2022
Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2...
High | Unreviewed | CVE-2017-10677 was published May 17, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in...
Low | Unreviewed | CVE-2020-7299 was published May 24, 2022
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF)...
High | Unreviewed | CVE-2008-6544 was published May 17, 2022
SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new...
Moderate | Unreviewed | CVE-2021-43337 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14...
High | Unreviewed | CVE-2021-30653 was published May 24, 2022
A local attacker may be able to view Now Playing information from the lock screen. This issue is...
Moderate | Unreviewed | CVE-2021-30756 was published May 24, 2022
Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows...
Moderate | Unreviewed | CVE-2021-20759 was published May 24, 2022
Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.
High | Unreviewed | CVE-2022-30586 was published Jun 7, 2022
Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service...
Moderate | Unreviewed | CVE-2017-8623 was published May 17, 2022
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease...
High | Unreviewed | CVE-2022-1419 was published Jun 3, 2022
LinkPlay Sound Bar v1.0 allows attackers to escalate privileges via a hardcoded password for the...
Critical | Unreviewed | CVE-2022-28605 was published Jun 3, 2022
A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker...
Moderate | Unreviewed | CVE-2021-1467 was published May 24, 2022
Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute...
Critical | Unreviewed | CVE-2016-4263 was published May 17, 2022
The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and...
Moderate | Unreviewed | CVE-2008-6428 was published May 17, 2022
Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the ...
Moderate | Unreviewed | CVE-2008-6417 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to...
Moderate | Unreviewed | CVE-2008-6400 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.