GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,992
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,053
Pub: 12
RubyGems: 955
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,920 advisories

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds...
Moderate | Unreviewed | CVE-2021-43389 was published May 24, 2022

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series...
High | Unreviewed | CVE-2021-40120 was published May 24, 2022

An HTML injection vulnerability exists in Sourcecodester Online Event Booking and Reservation...
Moderate | Unreviewed | CVE-2021-42663 was published May 24, 2022

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious...
High | Unreviewed | CVE-2022-29483 was published Jun 3, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
High | Unreviewed | CVE-2022-26975 was published Jun 3, 2022

Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine...
High | Unreviewed | CVE-2022-29695 was published Jun 3, 2022

SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject...
High | Unreviewed | CVE-2022-30496 was published Jun 3, 2022

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain...
High | Unreviewed | CVE-2020-19150 was published May 24, 2022

IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. This may...
Moderate | Unreviewed | CVE-2021-20582 was published May 24, 2022

Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get...
Moderate | Unreviewed | CVE-2021-33686 was published May 24, 2022

Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content...
Low | Unreviewed | CVE-2008-6229 was published May 17, 2022

SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled...
Moderate | Unreviewed | CVE-2008-6304 was published May 17, 2022

Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass...
Moderate | Unreviewed | CVE-2008-6298 was published May 17, 2022

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection...
High | Unreviewed | CVE-2022-30425 was published Jun 3, 2022

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in ...
Critical | Unreviewed | CVE-2022-30478 was published Jun 3, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate | Unreviewed | CVE-2022-26976 was published Jun 3, 2022

Cross site scripting in librenms
Moderate | CVE-2022-29711 was published for librenms/librenms (Composer) Jun 3, 2022

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes...
Moderate | Unreviewed | CVE-2022-29731 was published Jun 3, 2022

An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted...
Critical | Unreviewed | CVE-2022-28945 was published Jun 3, 2022

A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC...
High | Unreviewed | CVE-2021-1615 was published May 24, 2022

The vCenter Server contains a local privilege escalation vulnerability due to the way it handles...
High | Unreviewed | CVE-2021-21991 was published May 24, 2022

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users...
High | Unreviewed | CVE-2021-42557 was published May 24, 2022

The vCenter Server contains a local information disclosure vulnerability in the Analytics service...
Moderate | Unreviewed | CVE-2021-22007 was published May 24, 2022

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain...
High | Unreviewed | CVE-2020-19155 was published May 24, 2022

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High | Unreviewed | CVE-2021-40359 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.