GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,992
Erlang: 39
GitHub Actions: 38
Go: 2,634
Maven: 5,000+
npm: 4,258
NuGet: 760
pip: 4,051
Pub: 12
RubyGems: 955
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,862 advisories
The Similar Posts WordPress plugin through 3.1.5 allows high privilege users to execute arbitrary...
High | Unreviewed | CVE-2021-24537 was published May 24, 2022
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
Critical | Unreviewed | CVE-2021-30132 was published May 24, 2022
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts...
Critical | Unreviewed | CVE-2022-30512 was published Jun 3, 2022
Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php.
Critical | Unreviewed | CVE-2022-30797 was published Jun 3, 2022
elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar=
Critical | Unreviewed | CVE-2022-30815 was published Jun 3, 2022
Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index...
High | Unreviewed | CVE-2020-20124 was published May 24, 2022
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.
Critical | Unreviewed | CVE-2021-41591 was published May 24, 2022
Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin...
High | Unreviewed | CVE-2022-30818 was published Jun 3, 2022
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload...
High | Unreviewed | CVE-2022-30820 was published Jun 3, 2022
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php.
High | Unreviewed | CVE-2022-30829 was published Jun 3, 2022
In Wedding Management System v1.0, the editing function of the "Services" module in the...
High | Unreviewed | CVE-2022-30821 was published Jun 3, 2022
Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php.
High | Unreviewed | CVE-2022-30826 was published Jun 3, 2022
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...
High | Unreviewed | CVE-2021-31602 was published May 24, 2022
An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid...
High | Unreviewed | CVE-2021-43411 was published May 24, 2022
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism...
Moderate | Unreviewed | CVE-2022-31461 was published Jun 3, 2022
Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"...
Moderate | Unreviewed | CVE-2016-5260 was published May 17, 2022
Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event...
Moderate | Unreviewed | CVE-2016-4169 was published May 17, 2022
A use-after-free flaw in the Linux kernel pipes functionality was found in the way users do some...
High | Unreviewed | CVE-2022-1882 was published May 27, 2022
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the...
Critical | Unreviewed | CVE-2020-25566 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0,...
Low | Unreviewed | CVE-2021-32600 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-38978 was published May 24, 2022
Improper access control in the firmware for the Intel(R) Ethernet Network Controller E810 before...
Moderate | Unreviewed | CVE-2021-0198 was published May 24, 2022
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges...
High | Unreviewed | CVE-2021-29774 was published May 24, 2022
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,...
High | Unreviewed | CVE-2021-21822 was published May 24, 2022
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain an HTML injection...
High | Unreviewed | CVE-2020-23050 was published May 24, 2022