GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,318
Maven: 5,000+
npm: 3,950
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
280,425 advisories
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers...
High | Unreviewed | CVE-2022-30749 was published Jun 8, 2022

Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local...
Low | Unreviewed | CVE-2022-30714 was published Jun 8, 2022

The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2022-1759 was published Jun 14, 2022

The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a...
Critical | Unreviewed | CVE-2022-30877 was published Jun 9, 2022

Apache Helix UI vulnerable to Open Redirect
Moderate | CVE-2022-47500 was published for org.apache.helix:helix (Maven) Dec 19, 2022

PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp.
Moderate | Unreviewed | CVE-2022-35008 was published Aug 17, 2022

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to elevate privileges due to the...
Moderate | Unreviewed | CVE-2017-8642 was published May 17, 2022

The KiviCare WordPress plugin before 2.3.9 does not sanitise and escape some parameters before...
Critical | Unreviewed | CVE-2022-0786 was published Jun 14, 2022

The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[...
Moderate | Unreviewed | CVE-2022-1756 was published Jun 14, 2022

The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX...
High | Unreviewed | CVE-2022-1777 was published Jun 14, 2022

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise...
High | Unreviewed | CVE-2022-43522 was published Jan 5, 2023

In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from...
High | Unreviewed | CVE-2022-46081 was published Jan 4, 2023

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise...
High | Unreviewed | CVE-2022-43520 was published Jan 5, 2023

A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with...
Moderate | Unreviewed | CVE-2022-43540 was published Jan 5, 2023

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise...
High | Unreviewed | CVE-2022-43521 was published Jan 5, 2023

Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have unknown impact and attack...
High | Unreviewed | CVE-2008-7164 was published May 17, 2022

Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to...
High | Unreviewed | CVE-2010-1537 was published May 17, 2022

PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when...
Moderate | Unreviewed | CVE-2010-1528 was published May 17, 2022

PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals...
Moderate | Unreviewed | CVE-2008-7183 was published May 17, 2022

Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for...
Moderate | Unreviewed | CVE-2010-1474 was published May 17, 2022

SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows...
High | Unreviewed | CVE-2010-1538 was published May 17, 2022

SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows...
High | Unreviewed | CVE-2010-1496 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89...
Moderate | Unreviewed | CVE-2016-5148 was published May 17, 2022

Unspecified vulnerability in IBM Cognos 8 Business Intelligence before 8.4.1 FP1 has unknown...
High | Unreviewed | CVE-2010-1490 was published May 17, 2022

A vulnerability, which was classified as critical, has been found in The Next Generation of...
High | Unreviewed | CVE-2017-20017 was published Jun 9, 2022
ProTip! Advisories are also available from the GraphQL API.