GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113,770 advisories
Filter by severity
Information disclosure in the Contao backend
Moderate
CVE-2019-19712
was published
for
contao/contao
(Composer)
Dec 17, 2019
Cross site scripting in the system log
Moderate
CVE-2021-35210
was published
for
contao/contao
(Composer)
Jul 1, 2021
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in...
Moderate
Unreviewed
CVE-2022-2127
was published
Jul 20, 2023
A flaw was found in the way samba handled file and directory permissions. An authenticated user...
Moderate
Unreviewed
CVE-2020-14318
was published
May 24, 2022
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure...
Moderate
Unreviewed
CVE-2022-32742
was published
Aug 26, 2022
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC...
Moderate
Unreviewed
CVE-2020-14383
was published
May 24, 2022
DOM-XSS on Backoffice login screen.
Moderate
CVE-2023-48313
was published
for
Umbraco.CMS
(NuGet)
Dec 13, 2023
The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-3645
was published
Apr 22, 2024
Cross-Site Scripting (XSS) vulnerability in the Holded application. This vulnerability could...
Moderate
Unreviewed
CVE-2024-4026
was published
Apr 22, 2024
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue...
Moderate
Unreviewed
CVE-2024-32681
was published
Apr 22, 2024
Missing Authorization vulnerability in realmag777 Active Products Tables for WooCommerce.This...
Moderate
Unreviewed
CVE-2024-32691
was published
Apr 22, 2024
Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate...
Moderate
Unreviewed
CVE-2024-32684
was published
Apr 22, 2024
Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce...
Moderate
Unreviewed
CVE-2024-32687
was published
Apr 22, 2024
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards:...
Moderate
Unreviewed
CVE-2024-32688
was published
Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-32698
was published
Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-32697
was published
Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-32696
was published
Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-32690
was published
Apr 22, 2024
Information disclosure in WLAN HAL while handling the WMI state info command.
Moderate
Unreviewed
CVE-2023-28566
was published
Nov 14, 2023
Information disclosure in DSP Services while loading dynamic module.
Moderate
Unreviewed
CVE-2023-21624
was published
Jul 4, 2023
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...
Moderate
Unreviewed
CVE-2022-33273
was published
May 2, 2023
Memory corruption in Audio while calling START command on host voice PCM multiple times for the...
Moderate
Unreviewed
CVE-2023-33067
was published
Feb 6, 2024
Transient DOS in Audio when invoking callback function of ASM driver.
Moderate
Unreviewed
CVE-2023-33064
was published
Feb 6, 2024
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...
Moderate
Unreviewed
CVE-2023-28571
was published
Oct 3, 2023
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
Moderate
Unreviewed
CVE-2023-28554
was published
Nov 14, 2023
ProTip!
Advisories are also available from the
GraphQL API