Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

25,777 advisories

Loading
Unsafe deserialization in Apache MINA SSHD Critical
CVE-2022-45047 was published for org.apache.sshd:sshd-common (Maven) Nov 16, 2022
pavelarnost
A vulnerability, which was classified as critical, was found in MonikaBrzica scm. This affects an... Critical Unreviewed
CVE-2022-3998 was published Nov 15, 2022
Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack... Critical Unreviewed
CVE-2022-43294 was published Nov 15, 2022
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is... Critical Unreviewed
CVE-2022-37109 was published Nov 15, 2022
A SQL injection vulnerability in the Friendly Url module in Liferay Portal 7.3.7, and Liferay DXP... Critical Unreviewed
CVE-2022-42122 was published Nov 15, 2022
A SQL injection vulnerability in the Fragment module in Liferay Portal 7.3.3 through 7.4.3.16,... Critical Unreviewed
CVE-2022-42120 was published Nov 15, 2022
WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2022-42984 was published Nov 15, 2022
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via... Critical Unreviewed
CVE-2022-42058 was published Nov 15, 2022
Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute,... Critical Unreviewed
CVE-2022-33234 was published Nov 15, 2022
Memory Corruption in modem due to improper length check while copying into memory in Snapdragon... Critical Unreviewed
CVE-2022-25727 was published Nov 15, 2022
Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in... Critical Unreviewed
CVE-2022-25674 was published Nov 15, 2022
Apache SOAP contains unauthenticated RPCRouterServlet Critical
CVE-2022-45378 was published for soap:soap (Maven) Nov 14, 2022
Apache Jena vulnerable to Deserialization of Untrusted Data Critical
CVE-2022-45136 was published for org.apache.jena:jena-sdb (Maven) Nov 14, 2022
The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before... Critical Unreviewed
CVE-2022-3477 was published Nov 14, 2022
The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the... Critical Unreviewed
CVE-2022-3574 was published Nov 14, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon... Critical Unreviewed
CVE-2022-24937 was published Nov 14, 2022
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3. Critical Unreviewed
CVE-2022-3993 was published Nov 14, 2022
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue... Critical Unreviewed
CVE-2022-3979 was published Nov 14, 2022
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the... Critical Unreviewed
CVE-2022-3970 was published Nov 13, 2022
A vulnerability classified as critical has been found in Pingkon HMS-PHP. Affected is an unknown... Critical Unreviewed
CVE-2022-3973 was published Nov 13, 2022
A vulnerability was found in Pingkon HMS-PHP. It has been rated as critical. This issue affects... Critical Unreviewed
CVE-2022-3972 was published Nov 13, 2022
Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter. Critical Unreviewed
CVE-2022-45182 was published Nov 12, 2022
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus... Critical Unreviewed
CVE-2022-43671 was published Nov 12, 2022
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus... Critical Unreviewed
CVE-2022-43672 was published Nov 12, 2022
** UNSUPPORTED WHEN ASSIGNED ** A remote insecure deserialization vulnerability exixsts in VMWare... Critical Unreviewed
CVE-2022-38652 was published Nov 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database