Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

210 advisories

Loading
Cross-site Scripting in wiki manager join wiki page High
CVE-2022-29252 was published for org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki (Maven) May 25, 2022
Cross-site Scripting in Filter Stream Converter Application in XWiki Platform High
CVE-2022-29258 was published for org.xwiki.platform:xwiki-platform-filter-ui (Maven) Jun 1, 2022
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior... High Unreviewed
CVE-2022-0935 was published Apr 8, 2022
An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470.... High Unreviewed
CVE-2021-42324 was published Apr 6, 2022
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection... Moderate Unreviewed
CVE-2022-22344 was published Mar 15, 2022
CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly... High Unreviewed
CVE-2022-22151 was published Mar 12, 2022
Insufficient output escaping of attachment names in PHPMailer High
CVE-2020-13625 was published for phpmailer/phpmailer (Composer) May 27, 2020
Control character injection in console output in github.com/ipfs/go-ipfs Moderate
CVE-2020-26283 was published for github.com/ipfs/go-ipfs (Go) Jun 23, 2021
tintinweb
Secret disclosure when containing characters that become URI encoded High
CVE-2020-26226 was published for semantic-release (npm) Nov 18, 2020
dbjorge
Improper Input Validation in Symfony Critical
CVE-2019-11325 was published for symfony/symfony (Composer) Feb 12, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database