Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

288,463 advisories

Loading
PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp. Moderate Unreviewed
CVE-2022-35008 was published Aug 17, 2022
SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems... Critical Unreviewed
CVE-2017-12567 was published May 17, 2022
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX... High Unreviewed
CVE-2022-1777 was published Jun 14, 2022
The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[... Moderate Unreviewed
CVE-2022-1756 was published Jun 14, 2022
Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated... High Unreviewed
CVE-2022-39037 was published Nov 10, 2022
The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a... Critical Unreviewed
CVE-2022-30877 was published Jun 9, 2022
Apache Helix UI vulnerable to Open Redirect Moderate
CVE-2022-47500 was published for org.apache.helix:helix (Maven) Dec 19, 2022
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... High Unreviewed
CVE-2022-43521 was published Jan 5, 2023
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... High Unreviewed
CVE-2022-43520 was published Jan 5, 2023
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... High Unreviewed
CVE-2022-43522 was published Jan 5, 2023
A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with... Moderate Unreviewed
CVE-2022-43540 was published Jan 5, 2023
In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from... High Unreviewed
CVE-2022-46081 was published Jan 4, 2023
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when... Moderate Unreviewed
CVE-2010-1528 was published May 17, 2022
Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to... High Unreviewed
CVE-2010-1537 was published May 17, 2022
Unspecified vulnerability in IBM Cognos 8 Business Intelligence before 8.4.1 FP1 has unknown... High Unreviewed
CVE-2010-1490 was published May 17, 2022
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for... Moderate Unreviewed
CVE-2010-1474 was published May 17, 2022
Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have unknown impact and attack... High Unreviewed
CVE-2008-7164 was published May 17, 2022
Unspecified vulnerability in the product view functionality in VirtueMart 1.0.13a and earlier... Moderate Unreviewed
CVE-2008-7205 was published May 17, 2022
The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to... Moderate Unreviewed
CVE-2016-4620 was published May 17, 2022
Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle... Moderate Unreviewed
CVE-2016-4747 was published May 17, 2022
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin... Low Unreviewed
CVE-2016-4740 was published May 17, 2022
SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows... High Unreviewed
CVE-2010-1538 was published May 17, 2022
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals... Moderate Unreviewed
CVE-2008-7183 was published May 17, 2022
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the... Critical Unreviewed
CVE-2022-30912 was published Jun 9, 2022
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO... Critical Unreviewed
CVE-2022-30910 was published Jun 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database