GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,287
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,743
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
24,086 advisories
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user...
Critical | Unreviewed | CVE-2022-31941 was published Jun 18, 2022
Signature forgery in Biscuit
Critical | CVE-2022-31053 was published for biscuit-auth (Go) Jun 17, 2022
Delegate functions are missing `Send` bound
Critical | GHSA-x4mq-m75f-mx8m was published for windows (Rust) Jun 17, 2022
Miscomputation when performing AES encryption in rust-crypto
Critical | GHSA-jp3w-3q88-34cf was published for rust-crypto (Rust) Jun 17, 2022
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1.
Critical | Unreviewed | CVE-2022-2098 was published Jun 17, 2022
SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows attackers to execute...
Critical | Unreviewed | CVE-2021-41654 was published Jun 17, 2022
XML External Entity Reference in drools
Critical | CVE-2021-41411 was published for org.drools:drools-core (Maven) Jun 17, 2022
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using...
Critical | Unreviewed | CVE-2022-31625 was published Jun 17, 2022
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-31384 was published Jun 17, 2022
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-31383 was published Jun 17, 2022
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-31382 was published Jun 17, 2022
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'.
Critical | Unreviewed | CVE-2021-41487 was published Jun 17, 2022
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to...
Critical | Unreviewed | CVE-2022-24562 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the...
Critical | Unreviewed | CVE-2022-33752 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic...
Critical | Unreviewed | CVE-2022-33750 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the...
Critical | Unreviewed | CVE-2022-33754 was published Jun 17, 2022
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection...
Critical | Unreviewed | CVE-2022-30329 was published Jun 17, 2022
Generated code can read and write out of bounds in safe code
Critical | GHSA-3jch-9qgp-4844 was published for flatbuffers (Rust) Jun 16, 2022
Type confusion if __private_get_type_id__ is overridden
Critical | CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to...
Critical | Unreviewed | CVE-2021-40212 was published Jun 16, 2022
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free....
Critical | Unreviewed | CVE-2022-20127 was published Jun 16, 2022
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to...
Critical | Unreviewed | CVE-2022-20130 was published Jun 16, 2022
The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives...
Critical | Unreviewed | CVE-2022-20210 was published Jun 16, 2022
Product: Android; Versions: Android kernel; Android ID: A-209324757; References: N/A
Critical | Unreviewed | CVE-2022-20191 was published Jun 16, 2022
Product: Android; Versions: Android kernel; Android ID: A-204891956; References: N/A
Critical | Unreviewed | CVE-2022-20164 was published Jun 16, 2022
ProTip! Advisories are also available from the GraphQL API.