GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
255,762 advisories
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate
Unreviewed
CVE-2021-35594
was published
May 24, 2022
In memory management driver, there is a possible system crash due to a missing bounds check. This...
Moderate
Unreviewed
CVE-2021-0422
was published
May 24, 2022
The Brizy Page Builder plugin <= 2.3.11 for WordPress was vulnerable to stored XSS by lower...
Moderate
Unreviewed
CVE-2021-38344
was published
May 24, 2022
In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of...
Moderate
Unreviewed
CVE-2021-39875
was published
May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to...
Moderate
Unreviewed
CVE-2021-20372
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated...
Moderate
Unreviewed
CVE-2021-29700
was published
May 24, 2022
An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may...
Moderate
Unreviewed
CVE-2021-26107
was published
May 24, 2022
A component of the HarmonyOS has an Improper Restriction of Operations within the Bounds of a...
High
Unreviewed
CVE-2021-22458
was published
May 24, 2022
Integer overflow in the Region::unflatten function in libs/ui/Region.cpp in mediaserver in...
Moderate
Unreviewed
CVE-2016-3895
was published
May 17, 2022
FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File...
High
Unreviewed
CVE-2022-30860
was published
Jun 7, 2022
Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers...
Moderate
Unreviewed
CVE-2022-30731
was published
Jun 8, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14...
Moderate
Unreviewed
CVE-2022-1783
was published
Jun 7, 2022
A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow...
High
Unreviewed
CVE-2021-1384
was published
May 24, 2022
There's a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp. The...
High
Unreviewed
CVE-2021-20235
was published
May 24, 2022
SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122...
High
Unreviewed
CVE-2008-6434
was published
May 17, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
Moderate
Unreviewed
CVE-2022-30743
was published
Jun 8, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device,...
High
Unreviewed
CVE-2022-31480
was published
Jun 7, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the...
High
Unreviewed
CVE-2022-31484
was published
Jun 7, 2022
server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the...
High
Unreviewed
CVE-2016-3875
was published
May 17, 2022
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus...
High
Unreviewed
CVE-2016-3874
was published
May 17, 2022
The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows...
High
Unreviewed
CVE-2016-3865
was published
May 17, 2022
SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers...
Critical
Unreviewed
CVE-2015-2798
was published
May 17, 2022
Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.
Critical
Unreviewed
CVE-2016-3877
was published
May 17, 2022
Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x...
High
Unreviewed
CVE-2016-3872
was published
May 17, 2022
The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers...
Moderate
Unreviewed
CVE-2017-9412
was published
May 17, 2022
ProTip! Advisories are also available from the GraphQL API.