Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

838 advisories

Loading
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30711 was published Jun 8, 2022
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30710 was published Jun 8, 2022
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30713 was published Jun 8, 2022
Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows... Critical Unreviewed
CVE-2015-1555 was published May 17, 2022
Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper... Critical Unreviewed
CVE-2021-37417 was published May 24, 2022
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30712 was published Jun 8, 2022
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote... Critical Unreviewed
CVE-2021-1468 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2021-1301 was published May 24, 2022
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first... Critical Unreviewed
CVE-2022-25163 was published Jun 3, 2022
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of... Critical Unreviewed
CVE-2021-22345 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1142 was published May 24, 2022
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on... Critical Unreviewed
CVE-2018-4018 was published May 24, 2022
Improper Input Validation in Deap Critical
CVE-2018-3749 was published for deap (npm) May 14, 2022
Improper Input Validation in Spring AMQP Critical
CVE-2016-2173 was published for org.springframework.amqp:spring-amqp (Maven) May 13, 2022
Policies not properly enforced in OWASP Java HTML Sanitizer Critical
CVE-2021-42575 was published for com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (Maven) Oct 19, 2021
Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to... Critical Unreviewed
CVE-2011-4124 was published Apr 22, 2022
Imporoper path validation in elFinder.NetCore Critical
CVE-2021-23427 was published for elFinder.NetCore (NuGet) Sep 2, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute... Critical Unreviewed
CVE-2021-39065 was published Dec 14, 2021
In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the... Critical Unreviewed
CVE-2022-25757 was published Mar 29, 2022
In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote... Critical Unreviewed
CVE-2022-27228 was published Mar 23, 2022
CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2022-25498 was published Mar 16, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code... Critical Unreviewed
CVE-2021-42786 was published Mar 11, 2022
papercrop does not properly handle crop input Critical
CVE-2015-2784 was published for papercrop (RubyGems) May 24, 2022
Publify Improper Input Validation vulnerability Critical
CVE-2023-0299 was published for publify_core (RubyGems) Jan 14, 2023
MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation Critical
CVE-2019-9845 was published for MadsKristensen.AspNetCore.Miniblog (NuGet) Jul 5, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database