GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,135
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
266,747 advisories

LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page XSS.
Moderate | Unreviewed | CVE-2022-31495 was published Jun 8, 2022

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2...
Low | Unreviewed | CVE-2022-30742 was published Jun 8, 2022

PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers...
Moderate | Unreviewed | CVE-2022-30747 was published Jun 8, 2022

Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1...
Moderate | Unreviewed | CVE-2022-30709 was published Jun 8, 2022

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers...
Moderate | Unreviewed | CVE-2022-30725 was published Jun 8, 2022

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers...
Moderate | Unreviewed | CVE-2022-30724 was published Jun 8, 2022

Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers...
Critical | Unreviewed | CVE-2022-30710 was published Jun 8, 2022

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers...
Critical | Unreviewed | CVE-2022-30711 was published Jun 8, 2022

Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers...
Critical | Unreviewed | CVE-2022-30713 was published Jun 8, 2022

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4...
Moderate | Unreviewed | CVE-2021-24219 was published May 24, 2022

CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus...
High | Unreviewed | CVE-2016-3874 was published May 17, 2022

Virtua Cobranca before 12R allows SQL Injection on the login page.
High | Unreviewed | CVE-2021-37589 was published Jun 8, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25010 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25009 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in...
Critical | Unreviewed | CVE-2018-25011 was published May 24, 2022

It has been discovered that redhat-certification is not properly configured and it lists all...
High | Unreviewed | CVE-2018-10863 was published May 24, 2022

It has been discovered that redhat-certification does not restrict file access in the /update...
Critical | Unreviewed | CVE-2018-10867 was published May 24, 2022

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User...
High | Unreviewed | CVE-2022-22556 was published Jun 3, 2022

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales...
High | Unreviewed | CVE-2022-31996 was published Jun 3, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24190 was published May 24, 2022

It has been discovered that redhat-certification does not perform an authorization check and...
High | Unreviewed | CVE-2018-10865 was published May 24, 2022

The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, ...
High | Unreviewed | CVE-2021-24312 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24192 was published May 24, 2022

Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0)...
Low | Unreviewed | CVE-2021-25403 was published May 24, 2022

A flaw was found in the OpenShift web console, where the access token is stored in the browser's...
Moderate | Unreviewed | CVE-2020-1761 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.