GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,343
Erlang: 31
GitHub Actions: 22
Go: 2,107
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,452
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
24,433 advisories
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to...
Critical | Unreviewed | CVE-2022-26136 was published Jul 21, 2022

Java Melody vulnerable to cross-site scripting
Critical | CVE-2016-1000273 was published for net.bull.javamelody:javamelody-core (Maven) Jul 20, 2022

A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as...
Critical | Unreviewed | CVE-2022-2467 was published Jul 20, 2022

Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to...
Critical | Unreviewed | CVE-2022-35405 was published Jul 20, 2022

If an on-premise installation of the Pega Platform is configured with the port for the JMX...
Critical | Unreviewed | CVE-2022-24082 was published Jul 20, 2022

Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-34023 was published Jul 20, 2022

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
Critical | Unreviewed | CVE-2022-21543 was published Jul 20, 2022

Properties-Reader before v2.2.0 vulnerable to prototype pollution
Critical | CVE-2020-28471 was published for properties-reader (npm) Jul 19, 2022

An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer...
Critical | Unreviewed | CVE-2021-40874 was published Jul 19, 2022

QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization.
Critical | Unreviewed | CVE-2021-41419 was published Jul 19, 2022

UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2022-27434 was published Jul 19, 2022

The server checks the user's cookie in a non-standard way, and a value is entered in the cookie...
Critical | Unreviewed | CVE-2022-30623 was published Jul 19, 2022

The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2022-2437 was published Jul 19, 2022

Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin...
Critical | Unreviewed | CVE-2022-35741 was published Jul 19, 2022

Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
Critical | Unreviewed | CVE-2022-34029 was published Jul 19, 2022

Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain...
Critical | Unreviewed | CVE-2022-34632 was published Jul 19, 2022

The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when...
Critical | Unreviewed | CVE-2022-34635 was published Jul 19, 2022

thenify before 3.3.1 made use of unsafe calls to `eval`.
Critical | CVE-2020-7677 was published for org.webjars.npm:thenify (Maven) Jul 18, 2022

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file ...
Critical | Unreviewed | CVE-2022-26479 was published Jul 18, 2022

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can...
Critical | Unreviewed | CVE-2022-26352 was published Jul 18, 2022

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer...
Critical | Unreviewed | CVE-2022-31209 was published Jul 18, 2022

libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor...
Critical | Unreviewed | CVE-2022-32985 was published Jul 18, 2022

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET...
Critical | Unreviewed | CVE-2022-31211 was published Jul 18, 2022

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject...
Critical | Unreviewed | CVE-2022-31210 was published Jul 18, 2022

A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This...
Critical | Unreviewed | CVE-2017-20138 was published Jul 17, 2022
ProTip! Advisories are also available from the GraphQL API