GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories
While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux...
Critical | Unreviewed | CVE-2018-5855 was published May 13, 2022

PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access...
Critical | Unreviewed | CVE-2018-5190 was published May 13, 2022

While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in...
Critical | Unreviewed | CVE-2018-5882 was published May 13, 2022

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12...
Critical | Unreviewed | CVE-2013-6014 was published May 13, 2022

Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4.9 has XSS. Leveraging this...
Critical | Unreviewed | CVE-2019-7551 was published May 13, 2022

SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive...
Critical | Unreviewed | CVE-2018-17232 was published May 13, 2022

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in...
Critical | Unreviewed | CVE-2018-5999 was published May 13, 2022

SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task...
Critical | Unreviewed | CVE-2018-5989 was published May 13, 2022

A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.
Critical | Unreviewed | CVE-2018-15873 was published May 13, 2022

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap...
Critical | Unreviewed | CVE-2018-20180 was published May 13, 2022

A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable...
Critical | Unreviewed | CVE-2018-8529 was published May 13, 2022

Account takeover in facturascripts
Critical | CVE-2022-1715 was published for facturascripts/facturascripts (Composer) May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30395 was published May 14, 2022

The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware,...
Critical | Unreviewed | CVE-2018-8934 was published May 13, 2022

The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC,...
Critical | Unreviewed | CVE-2018-8935 was published May 13, 2022

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure...
Critical | Unreviewed | CVE-2018-8932 was published May 13, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30392 was published May 14, 2022

An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command...
Critical | Unreviewed | CVE-2018-7440 was published May 13, 2022

A remote bypass of security restrictions vulnerability was identified in HPE Moonshot...
Critical | Unreviewed | CVE-2018-7072 was published May 13, 2022

A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110...
Critical | Unreviewed | CVE-2018-7096 was published May 13, 2022

A remote code execution issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin...
Critical | Unreviewed | CVE-2018-8710 was published May 13, 2022

A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2...
Critical | Unreviewed | CVE-2018-9091 was published May 13, 2022

An Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android...
Critical | Unreviewed | CVE-2018-9580 was published May 13, 2022

Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of...
Critical | Unreviewed | CVE-2018-9853 was published May 13, 2022

Etherpad Lite before 1.6.4 is exploitable for admin access.
Critical | Unreviewed | CVE-2018-9845 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API