GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,669
Erlang: 34
GitHub Actions: 26
Go: 2,261
Maven: 5,000+
npm: 3,910
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
25,409 advisories
The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-42044 was published Oct 12, 2022

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41380 was published Oct 12, 2022

The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41381 was published Oct 12, 2022

Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical • Unreviewed • CVE-2022-41408 was published Oct 12, 2022

The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41383 was published Oct 12, 2022

The d8s-json package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41382 was published Oct 12, 2022

The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41384 was published Oct 12, 2022

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41387 was published Oct 12, 2022

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41385 was published Oct 12, 2022

The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution...
Critical • Unreviewed • CVE-2022-41386 was published Oct 12, 2022

thlorenz browserify-shim vulnerable to prototype pollution
Critical • CVE-2022-37617 was published for browserify-shim (npm) Oct 12, 2022

tschaub gh-pages vulnerable to prototype pollution
Critical • CVE-2022-37611 was published for gh-pages (npm) Oct 12, 2022

SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage...
Critical • Unreviewed • CVE-2022-35299 was published Oct 12, 2022

In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to...
Critical • Unreviewed • CVE-2022-42711 was published Oct 12, 2022

A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and...
Critical • Unreviewed • CVE-2022-3458 was published Oct 12, 2022

Apache Shiro Authentication Bypass vulnerability
Critical • CVE-2022-40664 was published for org.apache.shiro:shiro-core (Maven) Oct 12, 2022

A vulnerability classified as critical was found in Mediabridge Medialink. This vulnerability...
Critical • Unreviewed • CVE-2022-3465 was published Oct 12, 2022

Withdrawn: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom
Critical • CVE-2022-37616 was published for @xmldom/xmldom (npm) Oct 11, 2022 • withdrawn

Gogs vulnerable to Cross-site Scripting
Critical • CVE-2022-32174 was published for gogs.io/gogs (Go) Oct 11, 2022

A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to...
Critical • Unreviewed • CVE-2022-41746 was published Oct 11, 2022

A write-what-where condition in hermes caused by an integer overflow, prior to commit...
Critical • Unreviewed • CVE-2022-35289 was published Oct 11, 2022

An out of bounds write in hermes, while handling large arrays, prior to commit...
Critical • Unreviewed • CVE-2022-32234 was published Oct 11, 2022

An integer conversion error in Hermes bytecode generation, prior to commit...
Critical • Unreviewed • CVE-2022-40138 was published Oct 11, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions)....
Critical • Unreviewed • CVE-2022-36361 was published Oct 11, 2022

Wedding Planner v1.0 is vulnerable to arbitrary code execution.
Critical • Unreviewed • CVE-2022-42075 was published Oct 8, 2022

ProTip! Advisories are also available from the GraphQL API.