GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,992
Erlang: 39
GitHub Actions: 38
Go: 2,634
Maven: 5,000+
npm: 4,258
NuGet: 760
pip: 4,051
Pub: 12
RubyGems: 955
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,868 advisories
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1...
Moderate
Unreviewed
CVE-2022-30709 was published Jun 8, 2022
The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings...
Moderate
Unreviewed
CVE-2022-1645 was published May 31, 2022
The Team Members WordPress plugin before 5.1.1 does not escape some of its Team settings, which...
Moderate
Unreviewed
CVE-2022-1568 was published May 31, 2022
The Call&Book Mobile Bar WordPress plugin through 1.2.2 does not sanitize and escape some of its...
Moderate
Unreviewed
CVE-2022-1644 was published May 31, 2022
The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter...
Critical
Unreviewed
CVE-2022-1556 was published May 31, 2022
The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well...
Moderate
Unreviewed
CVE-2022-0376 was published May 31, 2022
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High
Unreviewed
CVE-2022-26741 was published May 27, 2022
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4...
Moderate
Unreviewed
CVE-2021-24219 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24195 was published May 24, 2022
There is an Out-of-bounds memory access in Huawei Smartphone. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-22474 was published May 24, 2022
The WP 2FA WordPress plugin before 2.2.1 does not sanitise and escape a parameter before...
Moderate
Unreviewed
CVE-2022-1527 was published May 31, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High
Unreviewed
CVE-2022-30687 was published May 28, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function...
Critical
Unreviewed
CVE-2021-42875 was published Jun 3, 2022
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04...
High
Unreviewed
CVE-2015-1332 was published May 17, 2022
dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the...
Moderate
Unreviewed
CVE-2017-11629 was published May 17, 2022
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and...
Moderate
Unreviewed
CVE-2008-6024 was published May 17, 2022
uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated users to execute arbitrary...
High
Unreviewed
CVE-2017-11760 was published May 17, 2022
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a...
High
Unreviewed
CVE-2008-6079 was published May 17, 2022
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in...
High
Unreviewed
CVE-2008-6070 was published May 17, 2022
SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute...
High
Unreviewed
CVE-2008-6026 was published May 17, 2022
MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode.
Moderate
Unreviewed
CVE-2017-11716 was published May 17, 2022
job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related...
Critical
Unreviewed
CVE-2017-11715 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers...
Moderate
Unreviewed
CVE-2008-6034 was published May 17, 2022
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and...
High
Unreviewed
CVE-2008-6021 was published May 17, 2022
It has been discovered that redhat-certification does not restrict file access in the /update...
Critical
Unreviewed
CVE-2018-10867 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.