GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,403

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

259,330 advisories

Filter by severity

Sort by

Least recently updated

The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter... Critical Unreviewed

CVE-2022-1556 was published May 31, 2022

The Team Members WordPress plugin before 5.1.1 does not escape some of its Team settings, which... Moderate Unreviewed

CVE-2022-1568 was published May 31, 2022

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings... Moderate Unreviewed

CVE-2022-1645 was published May 31, 2022

The Call&Book Mobile Bar WordPress plugin through 1.2.2 does not sanitize and escape some of its... Moderate Unreviewed

CVE-2022-1644 was published May 31, 2022

In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal... High Unreviewed

CVE-2021-20990 was published May 24, 2022

There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-22474 was published May 24, 2022

An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially... Critical Unreviewed

CVE-2020-27227 was published May 24, 2022

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress... Critical Unreviewed

CVE-2021-24215 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24194 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24195 was published May 24, 2022

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4... Moderate Unreviewed

CVE-2021-24219 was published May 24, 2022

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1... High Unreviewed

CVE-2016-1472 was published May 17, 2022

The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows... High Unreviewed

CVE-2016-3865 was published May 17, 2022

Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x... High Unreviewed

CVE-2016-3872 was published May 17, 2022

CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus... High Unreviewed

CVE-2016-3874 was published May 17, 2022

Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors. Critical Unreviewed

CVE-2016-3877 was published May 17, 2022

internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0... Moderate Unreviewed

CVE-2016-3883 was published May 17, 2022

On Juniper Networks Junos OS platforms with link aggregation (lag) configured, executing any... High Unreviewed

CVE-2021-0230 was published May 24, 2022

A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300... Moderate Unreviewed

CVE-2021-0242 was published May 24, 2022

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense ... High Unreviewed

CVE-2021-1402 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,... Critical Unreviewed

CVE-2021-1459 was published May 24, 2022

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed

CVE-2022-30711 was published Jun 8, 2022

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2... Low Unreviewed

CVE-2022-30742 was published Jun 8, 2022

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers... Moderate Unreviewed

CVE-2022-30725 was published Jun 8, 2022

Virtua Cobranca before 12R allows SQL Injection on the login page. High Unreviewed

CVE-2021-37589 was published Jun 8, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

259,330 advisories