GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+), Composer (5,000+), Erlang (40), GitHub Actions (38), Go (2,757), Maven (5,000+), npm (4,363), NuGet (766), pip (4,128), Pub (12), RubyGems (961), Rust (1,070), Swift (45)
Unreviewed advisories: All unreviewed (5,000+)
306,175 advisories
A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the...
Moderate | Unreviewed | CVE-2022-24071 was published Jan 29, 2022

Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An...
High | Unreviewed | CVE-2020-28884 was published Jan 29, 2022

Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An...
High | Unreviewed | CVE-2020-28885 was published Jan 29, 2022

kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are...
High | Unreviewed | CVE-2022-24122 was published Jan 30, 2022

MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This...
Critical | Unreviewed | CVE-2022-24123 was published Jan 31, 2022

Adenza AxiomSL ControllerView through 10.8.1 allows redirection for SSO login URLs.
Moderate | Unreviewed | CVE-2022-22919 was published Jan 31, 2022

save_window_function_values in MariaDB before 10.6.3 allows an application crash because of...
Moderate | Unreviewed | CVE-2021-46658 was published Jan 31, 2022

Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks.
Critical | Unreviewed | CVE-2021-46660 was published Jan 31, 2022

get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses...
Moderate | Unreviewed | CVE-2021-46657 was published Jan 31, 2022

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX:...
Moderate | Unreviewed | CVE-2021-46659 was published Jan 31, 2022

Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can...
Moderate | Unreviewed | CVE-2022-24032 was published Jan 31, 2022

Incorrect Authorization in calibreweb
High | CVE-2022-0273 was published for calibreweb (pip) Jan 31, 2022

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator...
High | Unreviewed | CVE-2022-24265 was published Feb 1, 2022

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator...
High | Unreviewed | CVE-2022-24266 was published Feb 1, 2022

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator...
High | Unreviewed | CVE-2022-24264 was published Feb 1, 2022

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP...
Moderate | Unreviewed | CVE-2021-44114 was published Feb 1, 2022

Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component...
High | Unreviewed | CVE-2021-46459 was published Feb 1, 2022

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to...
High | Unreviewed | CVE-2021-42635 was published Feb 1, 2022

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading...
High | Unreviewed | CVE-2021-42631 was published Feb 1, 2022

Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in...
Moderate | Unreviewed | CVE-2022-23872 was published Feb 1, 2022

Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source...
Critical | Unreviewed | CVE-2020-36064 was published Feb 1, 2022

There is an information exposure vulnerability on several Huawei Products. The vulnerability is...
Moderate | Unreviewed | CVE-2021-40033 was published Feb 1, 2022

There is a release of invalid pointer vulnerability in some Huawei products, successful exploit...
Moderate | Unreviewed | CVE-2021-40042 was published Feb 1, 2022

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin...
Critical | Unreviewed | CVE-2021-46458 was published Feb 1, 2022

In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can...
High | Unreviewed | CVE-2021-46101 was published Feb 1, 2022
ProTip! Advisories are also available from the GraphQL API