GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,272
Erlang: 31
GitHub Actions: 21
Go: 2,047
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
259,350 advisories
The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter...
Critical
Unreviewed
CVE-2022-1556
was published
May 31, 2022
The Team Members WordPress plugin before 5.1.1 does not escape some of its Team settings, which...
Moderate
Unreviewed
CVE-2022-1568
was published
May 31, 2022
The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings...
Moderate
Unreviewed
CVE-2022-1645
was published
May 31, 2022
The Call&Book Mobile Bar WordPress plugin through 1.2.2 does not sanitize and escape some of its...
Moderate
Unreviewed
CVE-2022-1644
was published
May 31, 2022
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High
Unreviewed
CVE-2021-20990
was published
May 24, 2022
There is an Out-of-bounds memory access in Huawei Smartphone. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-22474
was published
May 24, 2022
An exploitable unauthenticated command injection exists in the OpenClinic GA 5.173.3. Specially...
Critical
Unreviewed
CVE-2020-27227
was published
May 24, 2022
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress...
Critical
Unreviewed
CVE-2021-24215
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24194
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24195
was published
May 24, 2022
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4...
Moderate
Unreviewed
CVE-2021-24219
was published
May 24, 2022
The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1...
High
Unreviewed
CVE-2016-1472
was published
May 17, 2022
The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows...
High
Unreviewed
CVE-2016-3865
was published
May 17, 2022
Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x...
High
Unreviewed
CVE-2016-3872
was published
May 17, 2022
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus...
High
Unreviewed
CVE-2016-3874
was published
May 17, 2022
Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.
Critical
Unreviewed
CVE-2016-3877
was published
May 17, 2022
internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0...
Moderate
Unreviewed
CVE-2016-3883
was published
May 17, 2022
On Juniper Networks Junos OS platforms with link aggregation (lag) configured, executing any...
High
Unreviewed
CVE-2021-0230
was published
May 24, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300...
Moderate
Unreviewed
CVE-2021-0242
was published
May 24, 2022
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense ...
High
Unreviewed
CVE-2021-1402
was published
May 24, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,...
Critical
Unreviewed
CVE-2021-1459
was published
May 24, 2022
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers...
Critical
Unreviewed
CVE-2022-30711
was published
Jun 8, 2022
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2...
Low
Unreviewed
CVE-2022-30742
was published
Jun 8, 2022
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers...
Moderate
Unreviewed
CVE-2022-30725
was published
Jun 8, 2022
Virtua Cobranca before 12R allows SQL Injection on the login page.
High
Unreviewed
CVE-2021-37589
was published
Jun 8, 2022
ProTip! Advisories are also available from the GraphQL API.