GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,360
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,793
NuGet: 683
pip: 3,471
Pub: 12
RubyGems: 894
Rust: 894
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
266,153 advisories
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers...
Critical | Unreviewed | CVE-2022-30711 was published Jun 8, 2022
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2...
Low | Unreviewed | CVE-2022-30742 was published Jun 8, 2022
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers...
Critical | Unreviewed | CVE-2022-30710 was published Jun 8, 2022
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress...
Critical | Unreviewed | CVE-2021-24215 was published May 24, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300...
Moderate | Unreviewed | CVE-2021-0242 was published May 24, 2022
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High | Unreviewed | CVE-2022-26741 was published May 27, 2022
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense ...
High | Unreviewed | CVE-2021-1402 was published May 24, 2022
The WP 2FA WordPress plugin before 2.2.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2022-1527 was published May 31, 2022
A vulnerability in the web-based management interface of the Cisco Secure Access Control System ...
Moderate | Unreviewed | CVE-2017-6769 was published May 17, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High | Unreviewed | CVE-2022-30687 was published May 28, 2022
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1...
Moderate | Unreviewed | CVE-2022-30709 was published Jun 8, 2022
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers...
Moderate | Unreviewed | CVE-2022-30724 was published Jun 8, 2022
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers...
Moderate | Unreviewed | CVE-2022-30725 was published Jun 8, 2022
There is an Out-of-bounds memory access in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22474 was published May 24, 2022
uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated users to execute arbitrary...
High | Unreviewed | CVE-2017-11760 was published May 17, 2022
MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode.
Moderate | Unreviewed | CVE-2017-11716 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers...
Moderate | Unreviewed | CVE-2008-6034 was published May 17, 2022
job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related...
Critical | Unreviewed | CVE-2017-11715 was published May 17, 2022
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps...
Moderate | Unreviewed | CVE-2016-10404 was published May 17, 2022
SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute...
High | Unreviewed | CVE-2008-6026 was published May 17, 2022
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and...
High | Unreviewed | CVE-2008-6021 was published May 17, 2022
dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the...
Moderate | Unreviewed | CVE-2017-11629 was published May 17, 2022
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04...
High | Unreviewed | CVE-2015-1332 was published May 17, 2022
The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, ...
High | Unreviewed | CVE-2021-24312 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24190 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.