GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 4,870
  Erlang: 37
  GitHub Actions: 36
  Go: 2,500
  Maven: 5,000+
  npm: 4,147
  NuGet: 735
  pip: 3,948
  Pub: 12
  RubyGems: 945
  Rust: 1,025
  Swift: 39
Unreviewed advisories
  All unreviewed: 5,000+
26,879 advisories
Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation...
  Critical | Unreviewed | CVE-2020-14496 was published May 20, 2022
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute...
  Critical | Unreviewed | CVE-2022-28927 was published May 20, 2022
A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0)...
  Critical | Unreviewed | CVE-2020-16209 was published May 20, 2022
Improper input validation vulnerability in HANDY Groupware’s ActiveX module allows attackers to...
  Critical | Unreviewed | CVE-2021-26630 was published May 20, 2022
GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A...
  Critical | Unreviewed | CVE-2021-37413 was published May 20, 2022
Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0,...
  Critical | Unreviewed | CVE-2022-28348 was published May 20, 2022
Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before...
  Critical | Unreviewed | CVE-2022-28350 was published May 20, 2022
Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0,...
  Critical | Unreviewed | CVE-2022-28349 was published May 20, 2022
Authorization bypass in Spring Security
  Critical | CVE-2022-22978 was published for org.springframework.security:spring-security-core (Maven) May 20, 2022
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via the...
  Critical | Unreviewed | CVE-2022-28531 was published May 21, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
  Critical | Unreviewed | CVE-2022-1775 was published May 21, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication...
  Critical | Unreviewed | CVE-2022-22972 was published May 21, 2022
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash...
  Critical | Unreviewed | CVE-2022-28618 was published May 21, 2022
Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml...
  Critical | Unreviewed | CVE-2022-28995 was published May 21, 2022
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not...
  Critical | Unreviewed | CVE-2022-28660 was published May 21, 2022
Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL...
  Critical | Unreviewed | CVE-2022-26632 was published May 21, 2022
Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection...
  Critical | Unreviewed | CVE-2022-26633 was published May 21, 2022
Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user...
  Critical | Unreviewed | CVE-2022-28106 was published May 21, 2022
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection...
  Critical | Unreviewed | CVE-2022-28105 was published May 21, 2022
Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability.
  Critical | Unreviewed | CVE-2022-28104 was published May 21, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
  Critical | Unreviewed | CVE-2022-29873 was published May 21, 2022
Multi Store Inventory Management System v1.0 allows attackers to perform an account takeover via...
  Critical | Unreviewed | CVE-2022-28993 was published May 21, 2022
School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability...
  Critical | Unreviewed | CVE-2022-30886 was published May 21, 2022
Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE)...
  Critical | Unreviewed | CVE-2022-30887 was published May 21, 2022
ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection...
  Critical | Unreviewed | CVE-2022-30518 was published May 21, 2022
ProTip! Advisories are also available from the GraphQL API.