GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
305,667 advisories

Path Traversal in SharpZipLib
Moderate | CVE-2021-32841 was published for SharpZipLib (NuGet) | Feb 1, 2022

Path Traversal in SharpZipLib
Moderate | CVE-2021-32842 was published for SharpZipLib (NuGet) | Feb 1, 2022

Neo4j Graph Database vulnerable to Path Traversal
Critical | CVE-2021-42767 was published for org.neo4j.procedure:apoc (Maven) | Feb 1, 2022

Dolibarr vulnerable to Improper Validation of Specified Quantity in Input
Moderate | CVE-2022-0414 was published for dolibarr/dolibarr (Composer) | Feb 1, 2022

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php.
Critical | Unreviewed | CVE-2022-24220 was published | Feb 2, 2022

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions...
Critical | Unreviewed | CVE-2022-24221 was published | Feb 2, 2022

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.
Critical | Unreviewed | CVE-2022-24222 was published | Feb 2, 2022

Out-of-bounds Read in iText
Moderate | CVE-2022-24198 was published for com.itextpdf:itext7-core (Maven) | Feb 2, 2022

Allocation of Resources Without Limits or Throttling in iText
Moderate | CVE-2022-24196 was published for com.itextpdf:itext7-core (Maven) | Feb 2, 2022

Out-of-bounds Write in iText
Moderate | CVE-2022-24197 was published for com.itextpdf:itext7-core (Maven) | Feb 2, 2022

Insufficiently Protected Credentials in Apache Superset
High | CVE-2021-44451 was published for apache-superset (pip) | Feb 2, 2022

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.
Critical | Unreviewed | CVE-2022-24219 was published | Feb 2, 2022

An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.
Critical | Unreviewed | CVE-2022-24218 was published | Feb 2, 2022

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the...
Critical | Unreviewed | CVE-2021-43509 was published | Feb 2, 2022

Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with...
Moderate | Unreviewed | CVE-2021-38560 was published | Feb 2, 2022

RosarioSIS XSS Vulnerability
Moderate | CVE-2021-45416 was published for francoisjacquet/rosariosis (Composer) | Feb 2, 2022

eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.
Critical | Unreviewed | CVE-2021-46093 was published | Feb 2, 2022

The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise...
Critical | Unreviewed | CVE-2022-0320 was published | Feb 2, 2022

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the...
Critical | Unreviewed | CVE-2021-43510 was published | Feb 2, 2022

The Contact Form 7 Skins WordPress plugin through 2.5.0 does not sanitise and escape the tab...
Moderate | Unreviewed | CVE-2021-25063 was published | Feb 2, 2022

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.69 does not sanitise and...
Moderate | Unreviewed | CVE-2021-25089 was published | Feb 2, 2022

The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting...
High | Unreviewed | CVE-2021-25093 was published | Feb 2, 2022

The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in...
Moderate | Unreviewed | CVE-2021-25097 was published | Feb 2, 2022

ProTip! Advisories are also available from the GraphQL API