GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,135
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
266,747 advisories
Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User...
High, Unreviewed. CVE-2022-22556 was published Jun 3, 2022.

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been rated as...
Moderate, Unreviewed. CVE-2022-1980 was published Jun 3, 2022.

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as...
Moderate, Unreviewed. CVE-2022-1979 was published Jun 3, 2022.

Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in...
High, Unreviewed. CVE-2008-6070 was published May 17, 2022.

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a...
High, Unreviewed. CVE-2008-6079 was published May 17, 2022.

XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId.
Moderate, Unreviewed. CVE-2017-12645 was published May 17, 2022.

MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode.
Moderate, Unreviewed. CVE-2017-11716 was published May 17, 2022.

job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related...
Critical, Unreviewed. CVE-2017-11715 was published May 17, 2022.

uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated users to execute arbitrary...
High, Unreviewed. CVE-2017-11760 was published May 17, 2022.

dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the...
Moderate, Unreviewed. CVE-2017-11629 was published May 17, 2022.

Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and...
Moderate, Unreviewed. CVE-2008-6024 was published May 17, 2022.

The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04...
High, Unreviewed. CVE-2015-1332 was published May 17, 2022.

XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps...
Moderate, Unreviewed. CVE-2016-10404 was published May 17, 2022.

Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers...
Moderate, Unreviewed. CVE-2008-6034 was published May 17, 2022.

Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and...
High, Unreviewed. CVE-2008-6021 was published May 17, 2022.

SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute...
High, Unreviewed. CVE-2008-6026 was published May 17, 2022.

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page...
High, Unreviewed. CVE-2022-32000 was published Jun 3, 2022.

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its...
Moderate, Unreviewed. CVE-2022-0779 was published Jun 9, 2022.

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
Critical, Unreviewed. CVE-2021-45981 was published Jun 3, 2022.

A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code...
High, Unreviewed. CVE-2022-30232 was published Jun 3, 2022.

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to...
Critical, Unreviewed. CVE-2022-30234 was published Jun 3, 2022.

Dell PowerStore Versions before v2.1.1.0. contains a Stored Cross-Site Scripting vulnerability. A...
Moderate, Unreviewed. CVE-2022-26866 was published Jun 3, 2022.

A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected...
High, Unreviewed. CVE-2019-25063 was published Jun 9, 2022.

The WooCommerce Green Wallet Gateway WordPress plugin before 1.0.2 does not escape the...
Moderate, Unreviewed. CVE-2022-1673 was published Jun 9, 2022.

The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter...
Moderate, Unreviewed. CVE-2022-1684 was published Jun 9, 2022.

ProTip! Advisories are also available from the GraphQL API.