GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,031
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,355
NuGet 765
pip 4,115
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,710

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

305,741 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to... Moderate Unreviewed

CVE-2016-4620 was published May 17, 2022

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users... Low Unreviewed

CVE-2016-4749 was published May 17, 2022

The WP Statistics WordPress plugin before 13.2.2 does not sanitise the REQUEST_URI parameter... Moderate Unreviewed

CVE-2022-1005 was published Jun 9, 2022

The Discy WordPress theme before 5.2 does not check for CSRF tokens in the AJAX action... Moderate Unreviewed

CVE-2022-1422 was published Jun 9, 2022

The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields,... Moderate Unreviewed

CVE-2022-1506 was published Jun 9, 2022

Cross-site Scripting in RosarioSIS Moderate

CVE-2022-1997 was published for francoisjacquet/rosariosis (Composer) Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD... Critical Unreviewed

CVE-2022-30909 was published Jun 9, 2022

ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management... High Unreviewed

CVE-2021-36710 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the... Critical Unreviewed

CVE-2022-30923 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the... Critical Unreviewed

CVE-2022-30925 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the... Critical Unreviewed

CVE-2022-30912 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO... Critical Unreviewed

CVE-2022-30910 was published Jun 9, 2022

A vulnerability, which was classified as critical, has been found in The Next Generation of... High Unreviewed

CVE-2017-20017 was published Jun 9, 2022

The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id... Moderate Unreviewed

CVE-2022-1687 was published Jun 9, 2022

Unspecified vulnerability in IBM Cognos 8 Business Intelligence before 8.4.1 FP1 has unknown... High Unreviewed

CVE-2010-1490 was published May 17, 2022

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... High Unreviewed

CVE-2022-43521 was published Jan 5, 2023

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm... High Unreviewed

CVE-2022-31325 was published Jun 9, 2022

The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker... Moderate Unreviewed

CVE-2022-1421 was published Jun 9, 2022

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... High Unreviewed

CVE-2022-43519 was published Jan 5, 2023

IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access... High Unreviewed

CVE-2022-43844 was published Jan 5, 2023

Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when... Moderate Unreviewed

CVE-2008-7152 was published May 17, 2022

Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to... Moderate Unreviewed

CVE-2008-7130 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal,... Moderate Unreviewed

CVE-2008-7151 was published May 17, 2022

The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain... High Unreviewed

CVE-2008-7128 was published May 17, 2022

osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers... Moderate Unreviewed

CVE-2008-7127 was published May 17, 2022

Previous 1…397…400 Next

Previous 1 2 … 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

305,741 advisories