GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
4,884 advisories
Filter by severity
XML External Entity Reference in RESTEasy
Moderate
CVE-2014-7839
was published
for
org.jboss.resteasy:resteasy-jaxrs
(Maven)
May 17, 2022
An exploitable denial of service vulnerability exists in the object lookup functionality of Yara...
Moderate
Unreviewed
CVE-2019-5020
was published
May 24, 2022
Improper Input Validation in Apache Karaf
Moderate
CVE-2014-0219
was published
for
org.apache.karaf:apache-karaf
(Maven)
May 14, 2022
An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X,...
Moderate
Unreviewed
CVE-2018-4046
was published
May 13, 2022
An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X,...
Moderate
Unreviewed
CVE-2018-4044
was published
May 13, 2022
An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X,...
Moderate
Unreviewed
CVE-2018-4045
was published
May 13, 2022
An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X,...
Moderate
Unreviewed
CVE-2018-4042
was published
May 13, 2022
An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software...
Moderate
Unreviewed
CVE-2018-4032
was published
May 13, 2022
In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial...
Moderate
Unreviewed
CVE-2020-9014
was published
May 24, 2022
Microsoft SharePoint Spoofing Vulnerability
Moderate
Unreviewed
CVE-2021-24104
was published
May 24, 2022
Improper Input Validation in Apache Batik
Moderate
CVE-2015-0250
was published
for
org.apache.xmlgraphics:batik
(Maven)
May 17, 2022
Improper Input Validation in strapi
Moderate
CVE-2020-13961
was published
for
strapi
(npm)
May 24, 2022
When a user opens manipulated Portable Document Format (.PDF) files received from untrusted...
Moderate
Unreviewed
CVE-2021-27595
was published
May 24, 2022
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php ...
Moderate
Unreviewed
CVE-2020-11579
was published
May 24, 2022
Improper Input Validation in Bouncy Castle
Moderate
CVE-2013-1624
was published
for
org.bouncycastle:bcprov-jdk15on
(Maven)
May 14, 2022
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type...
Moderate
Unreviewed
CVE-2020-1020
was published
May 24, 2022
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating...
Moderate
Unreviewed
CVE-2020-12391
was published
May 24, 2022
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the ...
Moderate
Unreviewed
CVE-2022-4033
was published
Nov 29, 2022
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents...
Moderate
Unreviewed
CVE-2021-26029
was published
May 24, 2022
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the...
Moderate
Unreviewed
CVE-2021-28150
was published
May 24, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
Moderate
Unreviewed
CVE-2021-44385
was published
Jan 29, 2022
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a...
Moderate
Unreviewed
CVE-2021-30540
was published
May 24, 2022
When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted...
Moderate
Unreviewed
CVE-2021-27596
was published
May 24, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL)....
Moderate
Unreviewed
CVE-2017-3258
was published
May 14, 2022
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote...
Moderate
Unreviewed
CVE-2019-5839
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API