GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

305,525 advisories

IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access...
Moderate, Unreviewed: CVE-2022-41740 was published Jan 5, 2023

A vulnerability, which was classified as problematic, has been found in vicamo NetworkManager....
Critical, Unreviewed: CVE-2014-125043 was published Jan 5, 2023

Nuxeo vulnerable to Reflected Cross-Site Scripting leading to Remote Code Execution
Moderate: CVE-2021-32828 was published for org.nuxeo.ecm.platform:nuxeo-platform-oauth (Maven) Jan 6, 2023

Duplicate of GHSA-4xh4-v2pq-jvhm
Low: GHSA-9f2c-xxfm-32mj was published for personnummer (Pub) Jan 11, 2023 • withdrawn

A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown...
High, Unreviewed: CVE-2007-10001 was published Jan 5, 2023

Improper neutralization of special elements in output used by a downstream component ('Injection'...
High, Unreviewed: CVE-2022-43932 was published Jan 5, 2023

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a...
Moderate, Unreviewed: CVE-2022-4434 was published Jan 5, 2023

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the...
Critical, Unreviewed: CVE-2022-1692 was published Jun 9, 2022

Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management...
High, Unreviewed: CVE-2022-1703 was published Jun 9, 2022

A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This...
Critical, Unreviewed: CVE-2017-20028 was published Jun 10, 2022

A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56...
High, Unreviewed: CVE-2017-20020 was published Jun 10, 2022

The ITarian platform (SAAS / on-premise) offers the possibility to run code on agents via a...
High, Unreviewed: CVE-2022-25152 was published Jun 10, 2022

Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra...
High, Unreviewed: CVE-2022-2027 was published Jun 10, 2022

x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to...
High, Unreviewed: CVE-2022-26363 was published Jun 10, 2022

Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0.
High, Unreviewed: CVE-2022-2037 was published Jun 10, 2022

An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t <...
Moderate, Unreviewed: CVE-2021-3933 was published Mar 26, 2022

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can...
High, Unreviewed: CVE-2021-20302 was published Mar 5, 2022

Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in...
High, Unreviewed: CVE-2016-3858 was published May 17, 2022

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ...
Moderate, Unreviewed: CVE-2017-10093 was published May 17, 2022

hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a...
High, Unreviewed: CVE-2015-6585 was published May 17, 2022

EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS...
Moderate, Unreviewed: CVE-2016-0907 was published May 17, 2022

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to...
Moderate, Unreviewed: CVE-2017-7947 was published May 17, 2022

There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php.
Moderate, Unreviewed: CVE-2017-11718 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote...
Moderate, Unreviewed: CVE-2008-7018 was published May 17, 2022

StorageCrypt 2.0.1 does not properly encrypt disks, which allows local users to obtain sensitive...
Moderate, Unreviewed: CVE-2008-6073 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API