GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,757
NuGet: 678
pip: 3,444
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
263,419 advisories
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense ...
High | Unreviewed | CVE-2021-1402 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,...
Critical | Unreviewed | CVE-2021-1459 was published May 24, 2022

server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the...
High | Unreviewed | CVE-2016-3875 was published May 17, 2022

SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers...
Critical | Unreviewed | CVE-2015-2798 was published May 17, 2022

A vulnerability in the web-based management interface of the Cisco Secure Access Control System ...
Moderate | Unreviewed | CVE-2017-6769 was published May 17, 2022

Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.
Critical | Unreviewed | CVE-2016-3877 was published May 17, 2022

Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x...
High | Unreviewed | CVE-2016-3872 was published May 17, 2022

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1...
High | Unreviewed | CVE-2016-1472 was published May 17, 2022

The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows...
High | Unreviewed | CVE-2016-3865 was published May 17, 2022

internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0...
Moderate | Unreviewed | CVE-2016-3883 was published May 17, 2022

CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus...
High | Unreviewed | CVE-2016-3874 was published May 17, 2022

The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length...
High | Unreviewed | CVE-2015-1465 was published May 17, 2022

The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php,...
Moderate | Unreviewed | CVE-2017-12131 was published May 17, 2022

Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application...
Moderate | Unreviewed | CVE-2017-11674 was published May 17, 2022

The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin...
Moderate | Unreviewed | CVE-2017-12068 was published May 17, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24194 was published May 24, 2022

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress...
Critical | Unreviewed | CVE-2021-24215 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24195 was published May 24, 2022

In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High | Unreviewed | CVE-2021-20990 was published May 24, 2022

A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow...
High | Unreviewed | CVE-2020-7034 was published May 24, 2022

A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300...
Moderate | Unreviewed | CVE-2021-0242 was published May 24, 2022

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4...
Moderate | Unreviewed | CVE-2021-24219 was published May 24, 2022

An exploitable unauthenticated command injection exists in the OpenClinic GA 5.173.3. Specially...
Critical | Unreviewed | CVE-2020-27227 was published May 24, 2022

The Team Members WordPress plugin before 5.1.1 does not escape some of its Team settings, which...
Moderate | Unreviewed | CVE-2022-1568 was published May 31, 2022

The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well...
Moderate | Unreviewed | CVE-2022-0376 was published May 31, 2022

ProTip! Advisories are also available from the GraphQL API