Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

287,862 advisories

Loading
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed
CVE-2021-43271 was published Jun 4, 2022
Cross Site scripting (XSS) vulnerability inLibreHealth EHR Base 2.0.0 via interface/usergroup... Moderate Unreviewed
CVE-2022-31492 was published Jun 7, 2022
A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows... High Unreviewed
CVE-2021-41932 was published Jun 7, 2022
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2022-21760 was published Jun 7, 2022
In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed
CVE-2022-21747 was published Jun 7, 2022
An unauthenticated attacker can send a specially crafted update file to the device that can... Critical Unreviewed
CVE-2022-31481 was published Jun 7, 2022
Multiple vulnerabilities vulnerability in Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service... High Unreviewed
CVE-2022-26493 was published Jun 4, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker... High Unreviewed
CVE-2021-42886 was published Jun 4, 2022
FUDForum 3.1.2 is vulnerable to Cross Site Scripting (XSS) via page_title param in Page Manager... Moderate Unreviewed
CVE-2022-30863 was published Jun 7, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows... Moderate Unreviewed
CVE-2022-30736 was published Jun 8, 2022
Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in... Moderate Unreviewed
CVE-2022-30727 was published Jun 8, 2022
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability.... High Unreviewed
CVE-2021-46818 was published Jun 14, 2022
The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide's descriptions... Moderate Unreviewed
CVE-2022-1335 was published Jun 14, 2022
An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the... High Unreviewed
CVE-2022-31482 was published Jun 7, 2022
An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and... High Unreviewed
CVE-2022-31486 was published Jun 7, 2022
Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6... Moderate Unreviewed
CVE-2022-30734 was published Jun 8, 2022
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file... High Unreviewed
CVE-2022-32278 was published Jun 14, 2022
Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized... High Unreviewed
CVE-2022-32192 was published Jun 14, 2022
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document... Moderate Unreviewed
CVE-2022-28217 was published Jun 14, 2022
Church Management System version 1.0 is affected by a SQL anjection vulnerability through... Critical Unreviewed
CVE-2021-41661 was published Jun 14, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows... High Unreviewed
CVE-2022-33174 was published Jun 14, 2022
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this... Moderate Unreviewed
CVE-2022-31759 was published Jun 14, 2022
A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in... Moderate Unreviewed
CVE-2021-41663 was published Jun 14, 2022
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker,... High Unreviewed
CVE-2022-1654 was published Jun 14, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability was... Moderate Unreviewed
CVE-2022-29836 was published Nov 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database