GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,969
Erlang: 39
GitHub Actions: 38
Go: 2,626
Maven: 5,000+
npm: 4,257
NuGet: 760
pip: 4,051
Pub: 12
RubyGems: 954
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,637 advisories
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic....
Moderate | Unreviewed | CVE-2018-25036 was published Jun 13, 2022
Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/table_edit_ajax.php.
Critical | Unreviewed | CVE-2022-31340 was published Jun 3, 2022
A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some...
Critical | Unreviewed | CVE-2017-20029 was published Jun 11, 2022
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index...
Critical | Unreviewed | CVE-2022-31337 was published Jun 3, 2022
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration"...
Critical | Unreviewed | CVE-2021-21502 was published May 24, 2022
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2020-4146 was published May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS...
Low | Unreviewed | CVE-2021-30816 was published May 24, 2022
In telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2022-21749 was published Jun 7, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.)...
High | Unreviewed | CVE-2021-42891 was published Jun 4, 2022
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569...
High | Unreviewed | CVE-2022-43310 was published Nov 10, 2022
Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012...
High | Unreviewed | CVE-2017-0293 was published May 17, 2022
The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to...
Moderate | Unreviewed | CVE-2016-4253 was published May 17, 2022
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through...
High | Unreviewed | CVE-2016-1409 was published May 17, 2022
The Grapevine update process in Cisco Application Policy Infrastructure Controller Enterprise...
High | Unreviewed | CVE-2016-1365 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows...
Moderate | Unreviewed | CVE-2016-4168 was published May 17, 2022
Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of...
High | Unreviewed | CVE-2016-1479 was published May 17, 2022
Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x...
Moderate | Unreviewed | CVE-2017-12572 was published May 17, 2022
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the...
High | Unreviewed | CVE-2017-8674 was published May 17, 2022
An unauthenticated attacker can send a specially crafted update file to the device that can...
Critical | Unreviewed | CVE-2022-31481 was published Jun 7, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11...
High | Unreviewed | CVE-2021-43271 was published Jun 4, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker...
High | Unreviewed | CVE-2021-42886 was published Jun 4, 2022
Multiple vulnerabilities vulnerability in Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service...
High | Unreviewed | CVE-2022-26493 was published Jun 4, 2022
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.
High | Unreviewed | CVE-2022-1987 was published Jun 4, 2022
A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being...
Critical | Unreviewed | CVE-2022-30927 was published Jun 7, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows...
High | Unreviewed | CVE-2022-33174 was published Jun 14, 2022
ProTip! Advisories are also available from the GraphQL API.