GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,318
Maven: 5,000+
npm: 3,950
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
25,791 advisories
Apache SOAP contains unauthenticated RPCRouterServlet
Critical | CVE-2022-45378 was published for soap:soap (Maven) Nov 14, 2022
Apache Jena vulnerable to Deserialization of Untrusted Data
Critical | CVE-2022-45136 was published for org.apache.jena:jena-sdb (Maven) Nov 14, 2022
The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the...
Critical | Unreviewed | CVE-2022-3574 was published Nov 14, 2022
The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before...
Critical | Unreviewed | CVE-2022-3477 was published Nov 14, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon...
Critical | Unreviewed | CVE-2022-24937 was published Nov 14, 2022
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3.
Critical | Unreviewed | CVE-2022-3993 was published Nov 14, 2022
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue...
Critical | Unreviewed | CVE-2022-3979 was published Nov 14, 2022
A vulnerability was found in Pingkon HMS-PHP. It has been rated as critical. This issue affects...
Critical | Unreviewed | CVE-2022-3972 was published Nov 13, 2022
A vulnerability classified as critical has been found in Pingkon HMS-PHP. Affected is an unknown...
Critical | Unreviewed | CVE-2022-3973 was published Nov 13, 2022
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the...
Critical | Unreviewed | CVE-2022-3970 was published Nov 13, 2022
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus...
Critical | Unreviewed | CVE-2022-43671 was published Nov 12, 2022
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus...
Critical | Unreviewed | CVE-2022-43672 was published Nov 12, 2022
Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.
Critical | Unreviewed | CVE-2022-45182 was published Nov 12, 2022
** UNSUPPORTED WHEN ASSIGNED ** A remote insecure deserialization vulnerability exists in VMWare...
Critical | Unreviewed | CVE-2022-38652 was published Nov 12, 2022
** UNSUPPORTED WHEN ASSIGNED ** A remote unauthenticated insecure deserialization vulnerability...
Critical | Unreviewed | CVE-2022-38650 was published Nov 12, 2022
** UNSUPPORTED WHEN ASSIGNED ** A security filter misconfiguration exists in VMware Hyperic...
Critical | Unreviewed | CVE-2022-38651 was published Nov 12, 2022
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93,...
Critical | Unreviewed | CVE-2022-26845 was published Nov 11, 2022
Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions...
Critical | Unreviewed | CVE-2022-29486 was published Nov 11, 2022
Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146...
Critical | Unreviewed | CVE-2022-26513 was published Nov 11, 2022
A vulnerability classified as critical has been found in eolinker goku_lite. This affects an...
Critical | Unreviewed | CVE-2022-3947 was published Nov 11, 2022
A vulnerability classified as critical was found in eolinker goku_lite. This vulnerability...
Critical | Unreviewed | CVE-2022-3948 was published Nov 11, 2022
A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some...
Critical | Unreviewed | CVE-2022-3955 was published Nov 11, 2022
A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an...
Critical | Unreviewed | CVE-2022-3956 was published Nov 11, 2022
After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter...
Critical | Unreviewed | CVE-2022-34331 was published Nov 11, 2022
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component ...
Critical | Unreviewed | CVE-2022-43074 was published Nov 11, 2022
ProTip! Advisories are also available from the GraphQL API