GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,992
Erlang: 39
GitHub Actions: 38
Go: 2,634
Maven: 5,000+
npm: 4,258
NuGet: 760
pip: 4,051
Pub: 12
RubyGems: 955
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

300,862 advisories

The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter...
Moderate | Unreviewed | CVE-2022-1684 was published Jun 9, 2022

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity...
Moderate | Unreviewed | CVE-2022-28385 was published Jun 9, 2022

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise...
Moderate | Unreviewed | CVE-2022-1685 was published Jun 9, 2022

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in...
Critical | Unreviewed | CVE-2018-25011 was published May 24, 2022

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
Critical | Unreviewed | CVE-2021-45981 was published Jun 3, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25010 was published May 24, 2022

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before...
Moderate | Unreviewed | CVE-2008-5916 was published May 17, 2022

SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute...
High | Unreviewed | CVE-2008-5946 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO...
Moderate | Unreviewed | CVE-2008-5976 was published May 17, 2022

opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell...
Critical | Unreviewed | CVE-2021-40084 was published May 24, 2022

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP...
High | Unreviewed | CVE-2021-29923 was published May 24, 2022

An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D...
High | Unreviewed | CVE-2021-21817 was published May 24, 2022

A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR...
High | Unreviewed | CVE-2021-21819 was published May 24, 2022

NetSarang Xshell 7 before Build 0077 includes unintended code strings in paste operations.
Moderate | Unreviewed | CVE-2021-37326 was published May 24, 2022

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page...
High | Unreviewed | CVE-2022-31986 was published Jun 3, 2022

An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the...
High | Unreviewed | CVE-2021-42199 was published Jun 3, 2022

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management...
High | Unreviewed | CVE-2022-32027 was published Jun 3, 2022

Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to...
High | Unreviewed | CVE-2021-25401 was published May 24, 2022

OpenVPN Access Server 2.8.7 and earlier versions allows remote attackers to bypass...
Moderate | Unreviewed | CVE-2020-15077 was published May 24, 2022

The Glass WordPress plugin through 1.3.2 does not sanitise or escape its "Glass Pages" setting...
Moderate | Unreviewed | CVE-2021-24434 was published May 24, 2022

Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote...
High | Unreviewed | CVE-2021-32514 was published May 24, 2022

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding...
High | Unreviewed | CVE-2021-21854 was published May 24, 2022

In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c...
Moderate | Unreviewed | CVE-2020-18778 was published May 24, 2022

A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches...
Moderate | Unreviewed | CVE-2021-1591 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.