GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
24,312 advisories
The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection.
Critical | Unreviewed | CVE-2022-29601 was published Jul 13, 2022
The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection.
Critical | Unreviewed | CVE-2022-29600 was published Jul 13, 2022
Active Record RCE bug with Serialized Columns
Critical | CVE-2022-32224 was published for activerecord (RubyGems) Jul 12, 2022
The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute...
Critical | Unreviewed | CVE-2022-31586 was published Jul 12, 2022
The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31588 was published Jul 12, 2022
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31587 was published Jul 12, 2022
Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created...
Critical | Unreviewed | CVE-2022-32294 was published Jul 12, 2022
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute...
Critical | Unreviewed | CVE-2022-31583 was published Jul 12, 2022
The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31585 was published Jul 12, 2022
The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31582 was published Jul 12, 2022
The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31579 was published Jul 12, 2022
The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31580 was published Jul 12, 2022
The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31534 was published Jul 12, 2022
The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because...
Critical | Unreviewed | CVE-2022-31542 was published Jul 12, 2022
The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31550 was published Jul 12, 2022
Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely
Critical | CVE-2022-31558 was published for shiva (pip) Jul 12, 2022
The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows...
Critical | Unreviewed | CVE-2022-31554 was published Jul 12, 2022
The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31556 was published Jul 12, 2022
The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31561 was published Jul 12, 2022
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the...
Critical | Unreviewed | CVE-2022-31567 was published Jul 12, 2022
The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31568 was published Jul 12, 2022
The RipudamanKaushikDal/projects repository through 2022-04-03 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31569 was published Jul 12, 2022
The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31553 was published Jul 12, 2022
ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function
Critical | CVE-2022-31573 was published for chainerrl-visualizer (pip) Jul 12, 2022
The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31574 was published Jul 12, 2022
ProTip! Advisories are also available from the GraphQL API.