Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,624
Maven
5,000+
npm
4,257
NuGet
760
pip
4,050
Pub
12
RubyGems
953
Rust
1,052
Swift
45
Unreviewed advisories
All unreviewed
5,000+

300,627 advisories

Loading
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability.... High Unreviewed
CVE-2021-46818 was published Jun 14, 2022
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2022-21760 was published Jun 7, 2022
In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed
CVE-2022-21747 was published Jun 7, 2022
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2022-21753 was published Jun 7, 2022
In power service, there is a possible out of bounds write due to a missing bounds check. This... Moderate Unreviewed
CVE-2022-21759 was published Jun 7, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows... Moderate Unreviewed
CVE-2022-30736 was published Jun 8, 2022
Church Management System version 1.0 is affected by a SQL anjection vulnerability through... Critical Unreviewed
CVE-2021-41661 was published Jun 14, 2022
Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized... High Unreviewed
CVE-2022-32192 was published Jun 14, 2022
The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide's descriptions... Moderate Unreviewed
CVE-2022-1335 was published Jun 14, 2022
Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the... Critical Unreviewed
CVE-2015-9107 was published May 17, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the... Moderate Unreviewed
CVE-2021-42892 was published Jun 4, 2022
Cross Site scripting (XSS) vulnerability inLibreHealth EHR Base 2.0.0 via interface/usergroup... Moderate Unreviewed
CVE-2022-31492 was published Jun 7, 2022
FUDForum 3.1.2 is vulnerable to Cross Site Scripting (XSS) via page_title param in Page Manager... Moderate Unreviewed
CVE-2022-30863 was published Jun 7, 2022
An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and... High Unreviewed
CVE-2022-31486 was published Jun 7, 2022
Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in... Moderate Unreviewed
CVE-2022-30727 was published Jun 8, 2022
A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows... High Unreviewed
CVE-2021-41932 was published Jun 7, 2022
Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6... Moderate Unreviewed
CVE-2022-30734 was published Jun 8, 2022
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker,... High Unreviewed
CVE-2022-1654 was published Jun 14, 2022
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file... High Unreviewed
CVE-2022-32278 was published Jun 14, 2022
A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in... Moderate Unreviewed
CVE-2021-41663 was published Jun 14, 2022
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document... Moderate Unreviewed
CVE-2022-28217 was published Jun 14, 2022
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this... Moderate Unreviewed
CVE-2022-31759 was published Jun 14, 2022
The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5... High Unreviewed
CVE-2016-1468 was published May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability was... Moderate Unreviewed
CVE-2022-29836 was published Nov 10, 2022
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation... High Unreviewed
CVE-2021-46814 was published Jun 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database