Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

305,615 advisories

Loading
The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on... Moderate Unreviewed
CVE-2022-1695 was published Jun 9, 2022
A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This... High Unreviewed
CVE-2016-15002 was published Jun 10, 2022
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a... Moderate Unreviewed
CVE-2022-4434 was published Jan 5, 2023
Improper neutralization of special elements in output used by a downstream component ('Injection'... High Unreviewed
CVE-2022-43932 was published Jan 5, 2023
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the... Critical Unreviewed
CVE-2022-1692 was published Jun 9, 2022
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management... High Unreviewed
CVE-2022-1703 was published Jun 9, 2022
A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This... Critical Unreviewed
CVE-2017-20028 was published Jun 10, 2022
A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56... High Unreviewed
CVE-2017-20020 was published Jun 10, 2022
The ITarian platform (SAAS / on-premise) offers the possibility to run code on agents via a... High Unreviewed
CVE-2022-25152 was published Jun 10, 2022
Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra... High Unreviewed
CVE-2022-2027 was published Jun 10, 2022
IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access... Moderate Unreviewed
CVE-2022-41740 was published Jan 5, 2023
A vulnerability, which was classified as problematic, has been found in vicamo NetworkManager.... Critical Unreviewed
CVE-2014-125043 was published Jan 5, 2023
Nuxeo vulnerable to Reflected Cross-Site Scripting leading to Remote Code Execution Moderate
CVE-2021-32828 was published for org.nuxeo.ecm.platform:nuxeo-platform-oauth (Maven) Jan 6, 2023
Duplicate of GHSA-4xh4-v2pq-jvhm Low
GHSA-9f2c-xxfm-32mj was published for personnummer (Pub) Jan 11, 2023 withdrawn
A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown... High Unreviewed
CVE-2007-10001 was published Jan 5, 2023
A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can... High Unreviewed
CVE-2021-20302 was published Mar 5, 2022
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t <... Moderate Unreviewed
CVE-2021-3933 was published Mar 26, 2022
NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to... Moderate Unreviewed
CVE-2017-7947 was published May 17, 2022
There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php. Moderate Unreviewed
CVE-2017-11718 was published May 17, 2022
Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not use timeouts... High Unreviewed
CVE-2008-6910 was published May 17, 2022
SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote... High Unreviewed
CVE-2008-6887 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before 4.0.4 allows remote attackers... Moderate Unreviewed
CVE-2008-6801 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote... Moderate Unreviewed
CVE-2008-7018 was published May 17, 2022
StorageCrypt 2.0.1 does not properly encrypt disks, which allows local users to obtain sensitive... Moderate Unreviewed
CVE-2008-6073 was published May 17, 2022
If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator... Moderate Unreviewed
CVE-2017-12419 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database