GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,969
Erlang: 39
GitHub Actions: 38
Go: 2,624
Maven: 5,000+
npm: 4,257
NuGet: 760
pip: 4,050
Pub: 12
RubyGems: 953
Rust: 1,052
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,623 advisories
Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to...
High • Unreviewed • CVE-2016-3889 was published May 17, 2022

A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56...
High • Unreviewed • CVE-2017-20020 was published Jun 10, 2022

Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0.
High • Unreviewed • CVE-2022-2037 was published Jun 10, 2022

The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on...
Moderate • Unreviewed • CVE-2022-1695 was published Jun 9, 2022

Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management...
High • Unreviewed • CVE-2022-1703 was published Jun 9, 2022

A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This...
Critical • Unreviewed • CVE-2017-20028 was published Jun 10, 2022

A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This...
Critical • Unreviewed • CVE-2014-125044 was published Jan 5, 2023

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if...
Moderate • Unreviewed • CVE-2022-28614 was published Jun 10, 2022

The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id...
Moderate • Unreviewed • CVE-2022-1686 was published Jun 9, 2022

A vulnerability classified as problematic was found in Solare Solar-Log 2.8.4-56/3.5.2-85....
High • Unreviewed • CVE-2017-20019 was published Jun 10, 2022

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to...
High • Unreviewed • CVE-2022-26363 was published Jun 10, 2022

Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra...
High • Unreviewed • CVE-2022-2027 was published Jun 10, 2022

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the...
Critical • Unreviewed • CVE-2022-1692 was published Jun 9, 2022

A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This...
High • Unreviewed • CVE-2016-15002 was published Jun 10, 2022

A vulnerability, which was classified as problematic, has been found in vicamo NetworkManager....
Critical • Unreviewed • CVE-2014-125043 was published Jan 5, 2023

Nuxeo vulnerable to Reflected Cross-Site Scripting leading to Remote Code Execution
Moderate • CVE-2021-32828 was published for org.nuxeo.ecm.platform:nuxeo-platform-oauth (Maven) Jan 6, 2023

IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access...
Moderate • Unreviewed • CVE-2022-41740 was published Jan 5, 2023

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a...
Moderate • Unreviewed • CVE-2022-4434 was published Jan 5, 2023

A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown...
High • Unreviewed • CVE-2007-10001 was published Jan 5, 2023

Improper neutralization of special elements in output used by a downstream component ('Injection'...
High • Unreviewed • CVE-2022-43932 was published Jan 5, 2023

Duplicate of GHSA-4xh4-v2pq-jvhm
Low • GHSA-9f2c-xxfm-32mj was published for personnummer (Pub) Jan 11, 2023 • withdrawn

The ITarian platform (SAAS / on-premise) offers the possibility to run code on agents via a...
High • Unreviewed • CVE-2022-25152 was published Jun 10, 2022

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can...
High • Unreviewed • CVE-2021-20302 was published Mar 5, 2022

An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t <...
Moderate • Unreviewed • CVE-2021-3933 was published Mar 26, 2022

Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not use timeouts...
High • Unreviewed • CVE-2008-6910 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API