Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,071
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

287 advisories

Loading
Due to a bug in the handling of the communication between the client and server, it was possible... Moderate Unreviewed
CVE-2022-35629 was published Jul 30, 2022
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads... High Unreviewed
CVE-2022-2324 was published Jul 30, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to... High Unreviewed
CVE-2022-30319 was published Jul 29, 2022
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x... Critical Unreviewed
CVE-2022-2310 was published Jul 28, 2022
Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a... Moderate Unreviewed
CVE-2022-1495 was published Jul 27, 2022
Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a... Moderate Unreviewed
CVE-2022-1306 was published Jul 26, 2022
Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88... Moderate Unreviewed
CVE-2022-1307 was published Jul 26, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896... Moderate Unreviewed
CVE-2022-1129 was published Jul 24, 2022
Microweber before 1.2.21 allows attacker to bypass IP detection to brute-force password Moderate
CVE-2022-2368 was published for microweber/microweber (Composer) Jul 12, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are... High Unreviewed
CVE-2022-22476 was published Jul 9, 2022
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems... High Unreviewed
CVE-2022-1745 was published Jun 25, 2022
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit... Moderate Unreviewed
CVE-2022-32983 was published Jun 21, 2022
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in... High Unreviewed
CVE-2022-1762 was published Jun 14, 2022
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2.... Moderate Unreviewed
CVE-2021-32076 was published May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core... Moderate Unreviewed
CVE-2020-10135 was published May 24, 2022
Argo CD will blindly trust JWT claims if anonymous access is enabled Critical
CVE-2022-29165 was published for github.com/argoproj/argo-cd (Go) May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability High Unreviewed
CVE-2021-42308 was published May 24, 2022
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar Moderate Unreviewed
CVE-2020-27970 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30619 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30621 was published May 24, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed
CVE-2021-34646 was published May 24, 2022
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek... High Unreviewed
CVE-2021-28372 was published May 24, 2022
Windows LSA Spoofing Vulnerability Moderate Unreviewed
CVE-2021-36942 was published May 24, 2022
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By... Critical Unreviewed
CVE-2020-7388 was published May 24, 2022
Windows Hello Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2021-34466 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database