GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,992
Erlang: 39
GitHub Actions: 38
Go: 2,634
Maven: 5,000+
npm: 4,258
NuGet: 760
pip: 4,051
Pub: 12
RubyGems: 955
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,871 advisories
An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id...
Critical | Unreviewed | CVE-2019-12351 was published Jun 3, 2022
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7...
High | Unreviewed | CVE-2019-25069 was published Jun 10, 2022
A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical...
Critical | Unreviewed | CVE-2017-20025 was published Jun 10, 2022
Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information...
Moderate | Unreviewed | CVE-2022-30702 was published Jun 10, 2022
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/classes/Master...
Critical | Unreviewed | CVE-2022-31993 was published Jun 3, 2022
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master...
Critical | Unreviewed | CVE-2022-31990 was published Jun 3, 2022
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/applicants...
High | Unreviewed | CVE-2022-32011 was published Jun 3, 2022
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page...
High | Unreviewed | CVE-2022-31994 was published Jun 3, 2022
An issue was discovered in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id...
Critical | Unreviewed | CVE-2019-12349 was published Jun 3, 2022
Couchbase Server before 7.1.0 has Incorrect Access Control.
Moderate | Unreviewed | CVE-2021-33504 was published Jun 3, 2022
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2.
Moderate | Unreviewed | CVE-2022-2015 was published Jun 10, 2022
Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via...
Critical | Unreviewed | CVE-2022-31390 was published Jun 10, 2022
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
Critical | Unreviewed | CVE-2022-29704 was published Jun 3, 2022
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/services...
High | Unreviewed | CVE-2022-32006 was published Jun 3, 2022
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management...
High | Unreviewed | CVE-2022-32026 was published Jun 3, 2022
An Insecure Direct Object Reference (IDOR) issue in fn2Web in ihb eG FlexNow before 2.04.09.016...
Moderate | Unreviewed | CVE-2022-30760 was published Jun 10, 2022
Cross-site Scripting (XSS) - DOM in GitHub repository kromitgmbh/titra prior to 0.77.0.
Moderate | Unreviewed | CVE-2022-2029 was published Jun 10, 2022
Server-side request forgery in Apache Dubbo
Moderate | CVE-2022-24969 was published for com.alibaba:dubbo (Maven) Jun 10, 2022
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web...
High | Unreviewed | CVE-2022-30075 was published Jun 10, 2022
An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could...
Moderate | Unreviewed | CVE-2022-0823 was published Jun 10, 2022
IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a remote user to obtain sensitive...
Critical | Unreviewed | CVE-2021-29715 was published May 24, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another...
High | Unreviewed | CVE-2021-28131 was published May 24, 2022
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding...
High | Unreviewed | CVE-2021-21839 was published May 24, 2022
The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within...
High | Unreviewed | CVE-2021-40186 was published Jun 3, 2022
An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may...
High | Unreviewed | CVE-2021-25654 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.