GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,669
Erlang: 34
GitHub Actions: 26
Go: 2,262
Maven: 5,000+
npm: 3,912
NuGet: 705
pip: 3,681
Pub: 12
RubyGems: 916
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,139 advisories
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin...
Critical | Unreviewed | CVE-2021-43702 was published Jul 6, 2022
An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2022-32413 was published Jul 6, 2022
Newsletter Module v3.x was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-31856 was published Jul 6, 2022
So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via...
Critical | Unreviewed | CVE-2022-34972 was published Jul 6, 2022
Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability...
Critical | Unreviewed | CVE-2022-32311 was published Jul 6, 2022
An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over...
Critical | Unreviewed | CVE-2022-32310 was published Jul 6, 2022
** DISPUTED ** md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a...
Critical | Unreviewed | CVE-2022-34913 was published Jul 3, 2022
SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book...
Critical | Unreviewed | CVE-2021-32428 was published Jul 2, 2022
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI...
Critical | Unreviewed | CVE-2022-32295 was published Jul 2, 2022
A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS...
Critical | Unreviewed | CVE-2022-2253 was published Jul 2, 2022
A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to...
Critical | Unreviewed | CVE-2022-2185 was published Jul 2, 2022
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-32095 was published Jul 2, 2022
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src...
Critical | Unreviewed | CVE-2022-32324 was published Jul 2, 2022
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-32094 was published Jul 2, 2022
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in...
Critical | Unreviewed | CVE-2022-32081 was published Jul 2, 2022
MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at ...
Critical | Unreviewed | CVE-2022-32091 was published Jul 2, 2022
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-32093 was published Jul 2, 2022
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in...
Critical | Unreviewed | CVE-2022-32032 was published Jul 2, 2022
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected...
Critical | Unreviewed | CVE-2017-20125 was published Jul 1, 2022
EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options...
Critical | Unreviewed | CVE-2021-40643 was published Jul 1, 2022
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer...
Critical | Unreviewed | CVE-2022-34835 was published Jul 1, 2022
There is a buffer overflow in gps-sdr-sim v1.0 when parsing long command line parameters, which...
Critical | Unreviewed | CVE-2021-37778 was published Jul 1, 2022
Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS...
Critical | Unreviewed | CVE-2021-41506 was published Jul 1, 2022
An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force...
Critical | Unreviewed | CVE-2022-22487 was published Jul 1, 2022
There is an object injection vulnerability in the swfupload plugin for WordPress.
Critical | Unreviewed | CVE-2013-4144 was published Jul 1, 2022
ProTip! Advisories are also available from the GraphQL API.