Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

4,830 advisories

Loading
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in... Moderate Unreviewed
CVE-2018-12123 was published May 13, 2022
XML External Entity Reference in RESTEasy Moderate
CVE-2014-7839 was published for org.jboss.resteasy:resteasy-jaxrs (Maven) May 17, 2022
Improper Input Validation in Apache Karaf Moderate
CVE-2014-0219 was published for org.apache.karaf:apache-karaf (Maven) May 14, 2022
An exploitable denial of service vulnerability exists in the object lookup functionality of Yara... Moderate Unreviewed
CVE-2019-5020 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X,... Moderate Unreviewed
CVE-2018-4045 was published May 13, 2022
An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X,... Moderate Unreviewed
CVE-2018-4046 was published May 13, 2022
An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X,... Moderate Unreviewed
CVE-2018-4044 was published May 13, 2022
An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X,... Moderate Unreviewed
CVE-2018-4042 was published May 13, 2022
An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software... Moderate Unreviewed
CVE-2018-4032 was published May 13, 2022
In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial... Moderate Unreviewed
CVE-2020-9014 was published May 24, 2022
Microsoft SharePoint Spoofing Vulnerability Moderate Unreviewed
CVE-2021-24104 was published May 24, 2022
Improper Input Validation in Apache Batik Moderate
CVE-2015-0250 was published for org.apache.xmlgraphics:batik (Maven) May 17, 2022
Improper Input Validation in strapi Moderate
CVE-2020-13961 was published for strapi (npm) May 24, 2022
When a user opens manipulated Portable Document Format (.PDF) files received from untrusted... Moderate Unreviewed
CVE-2021-27595 was published May 24, 2022
Improper Input Validation in Bouncy Castle Moderate
CVE-2013-1624 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 14, 2022
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php ... Moderate Unreviewed
CVE-2020-11579 was published May 24, 2022
Keycloak user may register themselves with same email ID of any existing user Moderate
CVE-2021-3754 was published for org.keycloak:keycloak-core (Maven) Aug 27, 2022
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating... Moderate Unreviewed
CVE-2020-12391 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type... Moderate Unreviewed
CVE-2020-1020 was published May 24, 2022
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the ... Moderate Unreviewed
CVE-2022-4033 was published Nov 29, 2022
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the... Moderate Unreviewed
CVE-2021-28150 was published May 24, 2022
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents... Moderate Unreviewed
CVE-2021-26029 was published May 24, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... Moderate Unreviewed
CVE-2021-44385 was published Jan 29, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).... Moderate Unreviewed
CVE-2017-3258 was published May 14, 2022
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a... Moderate Unreviewed
CVE-2021-30540 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database