GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
275,710 advisories
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the...
Moderate
Unreviewed
CVE-2021-42892 was published Jun 4, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker...
High
Unreviewed
CVE-2021-42886 was published Jun 4, 2022
Cross Site scripting (XSS) vulnerability in LibreHealth EHR Base 2.0.0 via interface/usergroup...
Moderate
Unreviewed
CVE-2022-31492 was published Jun 7, 2022
FUDForum 3.1.2 is vulnerable to Cross Site Scripting (XSS) via page_title param in Page Manager...
Moderate
Unreviewed
CVE-2022-30863 was published Jun 7, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows...
High
Unreviewed
CVE-2022-33174 was published Jun 14, 2022
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document...
Moderate
Unreviewed
CVE-2022-28217 was published Jun 14, 2022
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker,...
High
Unreviewed
CVE-2022-1654 was published Jun 14, 2022
The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide's descriptions...
Moderate
Unreviewed
CVE-2022-1335 was published Jun 14, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11...
High
Unreviewed
CVE-2021-43271 was published Jun 4, 2022
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate
Unreviewed
CVE-2022-21753 was published Jun 7, 2022
In power service, there is a possible out of bounds write due to a missing bounds check. This...
Moderate
Unreviewed
CVE-2022-21759 was published Jun 7, 2022
An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the...
High
Unreviewed
CVE-2022-31482 was published Jun 7, 2022
Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized...
High
Unreviewed
CVE-2022-32192 was published Jun 14, 2022
A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in...
Moderate
Unreviewed
CVE-2021-41663 was published Jun 14, 2022
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to...
Moderate
Unreviewed
CVE-2022-21760 was published Jun 7, 2022
An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and...
High
Unreviewed
CVE-2022-31486 was published Jun 7, 2022
Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in...
Moderate
Unreviewed
CVE-2022-30727 was published Jun 8, 2022
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability....
High
Unreviewed
CVE-2021-46818 was published Jun 14, 2022
Church Management System version 1.0 is affected by a SQL injection vulnerability through...
Critical
Unreviewed
CVE-2021-41661 was published Jun 14, 2022
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file...
High
Unreviewed
CVE-2022-32278 was published Jun 14, 2022
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this...
Moderate
Unreviewed
CVE-2022-31759 was published Jun 14, 2022
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569...
High
Unreviewed
CVE-2022-43310 was published Nov 10, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability was...
Moderate
Unreviewed
CVE-2022-29836 was published Nov 10, 2022
Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of...
High
Unreviewed
CVE-2016-1479 was published May 17, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.)...
High
Unreviewed
CVE-2021-42891 was published Jun 4, 2022
ProTip! Advisories are also available from the GraphQL API.