GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 1,996
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,348
Pub: 11
RubyGems: 885
Rust: 846
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
255,714 advisories
Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address...
Moderate, Unreviewed: CVE-2022-30738 was published Jun 8, 2022

FUDforum 3.1.2 is vulnerable to Stored XSS via Forum Name field in Forum Manager Feature.
Moderate, Unreviewed: CVE-2022-30861 was published Jun 7, 2022

In ccu, there is a possible memory corruption due to a double free. This could lead to local...
Moderate, Unreviewed: CVE-2022-21758 was published Jun 7, 2022

There's a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp. The...
High, Unreviewed: CVE-2021-20235 was published May 24, 2022

A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow...
High, Unreviewed: CVE-2021-1384 was published May 24, 2022

SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read...
Moderate, Unreviewed: CVE-2021-38175 was published May 24, 2022

Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information...
High, Unreviewed: CVE-2021-41584 was published May 24, 2022

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free...
Moderate, Unreviewed: CVE-2021-1958 was published May 24, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting with 13.7.9. A...
High, Unreviewed: CVE-2021-22203 was published May 24, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate, Unreviewed: CVE-2021-35594 was published May 24, 2022

In memory management driver, there is a possible system crash due to a missing bounds check. This...
Moderate, Unreviewed: CVE-2021-0422 was published May 24, 2022

The Brizy Page Builder plugin <= 2.3.11 for WordPress was vulnerable to stored XSS by lower...
Moderate, Unreviewed: CVE-2021-38344 was published May 24, 2022

In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of...
Moderate, Unreviewed: CVE-2021-39875 was published May 24, 2022

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to...
Moderate, Unreviewed: CVE-2021-20372 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated...
Moderate, Unreviewed: CVE-2021-29700 was published May 24, 2022

An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may...
Moderate, Unreviewed: CVE-2021-26107 was published May 24, 2022

A component of the HarmonyOS has an Improper Restriction of Operations within the Bounds of a...
High, Unreviewed: CVE-2021-22458 was published May 24, 2022

Integer overflow in the Region::unflatten function in libs/ui/Region.cpp in mediaserver in...
Moderate, Unreviewed: CVE-2016-3895 was published May 17, 2022

FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File...
High, Unreviewed: CVE-2022-30860 was published Jun 7, 2022

Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers...
Moderate, Unreviewed: CVE-2022-30731 was published Jun 8, 2022

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
Moderate, Unreviewed: CVE-2022-30743 was published Jun 8, 2022

An unauthenticated attacker could arbitrarily upload firmware files to the target device,...
High, Unreviewed: CVE-2022-31480 was published Jun 7, 2022

An unauthenticated attacker can send a specially crafted network packet to delete a user from the...
High, Unreviewed: CVE-2022-31484 was published Jun 7, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14...
Moderate, Unreviewed: CVE-2022-1783 was published Jun 7, 2022

server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the...
High, Unreviewed: CVE-2016-3875 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API