Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

259,339 advisories

Loading
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow Moderate
CVE-2022-23581 was published for tensorflow (pip) Feb 7, 2022
Abort caused by allocating a vector that is too large in Tensorflow Moderate
CVE-2022-23580 was published for tensorflow (pip) Feb 7, 2022
Cookie and header exposure in twisted High
CVE-2022-21712 was published for Twisted (pip) Feb 7, 2022
ranjit-git alex
twm
Validation bypass in frourio High
CVE-2022-23623 was published for frourio (npm) Feb 7, 2022
SegaraRai LumaKernel
Validation bypass in frourio-express High
CVE-2022-23624 was published for frourio-express (npm) Feb 7, 2022
SegaraRai LumaKernel
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper... Moderate Unreviewed
CVE-2022-21813 was published Feb 8, 2022
QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at "adminuseredit.php... Moderate Unreviewed
CVE-2021-45281 was published Feb 8, 2022
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm... Moderate Unreviewed
CVE-2022-21815 was published Feb 8, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a... Moderate Unreviewed
CVE-2022-21816 was published Feb 8, 2022
Microsoft Edge (Chromium-based) Tampering Vulnerability. Moderate Unreviewed
CVE-2022-23261 was published Feb 8, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-23262 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the... Moderate Unreviewed
CVE-2021-25108 was published Feb 8, 2022
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one... Critical Unreviewed
CVE-2021-25114 was published Feb 8, 2022
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WPLegalPages... Moderate Unreviewed
CVE-2021-25106 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a... Moderate Unreviewed
CVE-2021-25096 was published Feb 8, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that... High Unreviewed
CVE-2021-42833 was published Feb 8, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where... Moderate Unreviewed
CVE-2022-21814 was published Feb 8, 2022
The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs WordPress plugin... Moderate Unreviewed
CVE-2022-0148 was published Feb 8, 2022
The WooCommerce WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site Scripting ... Moderate Unreviewed
CVE-2022-0149 was published Feb 8, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... High Unreviewed
CVE-2022-23263 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and... High Unreviewed
CVE-2021-25095 was published Feb 8, 2022
The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when... Moderate Unreviewed
CVE-2021-25004 was published Feb 8, 2022
The SupportCandy WordPress plugin before 2.2.7 does not have CSRF check in the wpsc_tickets AJAX... High Unreviewed
CVE-2021-24879 was published Feb 8, 2022
The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access... Moderate Unreviewed
CVE-2021-24928 was published Feb 8, 2022
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape... Moderate Unreviewed
CVE-2021-25029 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database