GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
266,765 advisories
FUDforum 3.1.2 is vulnerable to Stored XSS via Forum Name field in Forum Manager Feature.
Moderate | Unreviewed | CVE-2022-30861 was published Jun 7, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated...
Moderate | Unreviewed | CVE-2021-29700 was published May 24, 2022
In ccu, there is a possible memory corruption due to a double free. This could lead to local...
Moderate | Unreviewed | CVE-2022-21758 was published Jun 7, 2022
When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab...
High | Unreviewed | CVE-2022-1944 was published Jun 7, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
High | Unreviewed | CVE-2022-30735 was published Jun 8, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
Moderate | Unreviewed | CVE-2022-30743 was published Jun 8, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device,...
High | Unreviewed | CVE-2022-31480 was published Jun 7, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the...
High | Unreviewed | CVE-2022-31484 was published Jun 7, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14...
Moderate | Unreviewed | CVE-2022-1783 was published Jun 7, 2022
Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers...
Moderate | Unreviewed | CVE-2022-30731 was published Jun 8, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate | Unreviewed | CVE-2021-35594 was published May 24, 2022
Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0...
Moderate | Unreviewed | CVE-2016-3898 was published May 17, 2022
Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address...
Moderate | Unreviewed | CVE-2022-30738 was published Jun 8, 2022
There is an Out-of-bounds memory access in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22474 was published May 24, 2022
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress...
Critical | Unreviewed | CVE-2021-24215 was published May 24, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300...
Moderate | Unreviewed | CVE-2021-0242 was published May 24, 2022
A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow...
High | Unreviewed | CVE-2020-7034 was published May 24, 2022
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High | Unreviewed | CVE-2021-20990 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24194 was published May 24, 2022
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense ...
High | Unreviewed | CVE-2021-1402 was published May 24, 2022
An exploitable unauthenticated command injection exists in the OpenClinic GA 5.173.3. Specially...
Critical | Unreviewed | CVE-2020-27227 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24195 was published May 24, 2022
On Juniper Networks Junos OS platforms with link aggregation (lag) configured, executing any...
High | Unreviewed | CVE-2021-0230 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,...
Critical | Unreviewed | CVE-2021-1459 was published May 24, 2022
The WP 2FA WordPress plugin before 2.2.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2022-1527 was published May 31, 2022
ProTip! Advisories are also available from the GraphQL API.