GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,411
Erlang: 33
GitHub Actions: 22
Go: 2,146
Maven: 5,000+
npm: 3,808
NuGet: 687
pip: 3,481
Pub: 12
RubyGems: 897
Rust: 899
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
267,495 advisories
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical | Unreviewed | CVE-2022-30922 was published Jun 9, 2022

A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected...
High | Unreviewed | CVE-2019-25063 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical | Unreviewed | CVE-2022-30920 was published Jun 9, 2022

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its...
Moderate | Unreviewed | CVE-2022-0779 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical | Unreviewed | CVE-2022-30915 was published Jun 9, 2022

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the...
Critical | Unreviewed | CVE-2022-30919 was published Jun 9, 2022

The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter...
Moderate | Unreviewed | CVE-2022-1684 was published Jun 9, 2022

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise...
Moderate | Unreviewed | CVE-2022-1685 was published Jun 9, 2022

The FormCraft WordPress plugin before 1.2.6 does not sanitise and escape Field Labels, allowing...
Moderate | Unreviewed | CVE-2022-1647 was published Jun 9, 2022

The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, ...
High | Unreviewed | CVE-2021-24312 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25010 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25009 was published May 24, 2022

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales...
High | Unreviewed | CVE-2022-31996 was published Jun 3, 2022

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User...
High | Unreviewed | CVE-2022-22556 was published Jun 3, 2022

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2022-1979 was published Jun 3, 2022

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in...
Critical | Unreviewed | CVE-2018-25011 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24190 was published May 24, 2022

It has been discovered that redhat-certification is not properly configured and it lists all...
High | Unreviewed | CVE-2018-10863 was published May 24, 2022

It has been discovered that redhat-certification does not perform an authorization check and...
High | Unreviewed | CVE-2018-10865 was published May 24, 2022

It has been discovered that redhat-certification does not restrict file access in the /update...
Critical | Unreviewed | CVE-2018-10867 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24192 was published May 24, 2022

A flaw was found in the OpenShift web console, where the access token is stored in the browser's...
Moderate | Unreviewed | CVE-2020-1761 was published May 24, 2022

A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code...
High | Unreviewed | CVE-2022-30232 was published Jun 3, 2022

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2022-1980 was published Jun 3, 2022

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page...
High | Unreviewed | CVE-2022-32000 was published Jun 3, 2022

ProTip! Advisories are also available from the GraphQL API