Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

113,770 advisories

Loading
Information disclosure in the Contao backend Moderate
CVE-2019-19712 was published for contao/contao (Composer) Dec 17, 2019
Cross site scripting in the system log Moderate
CVE-2021-35210 was published for contao/contao (Composer) Jul 1, 2021
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in... Moderate Unreviewed
CVE-2022-2127 was published Jul 20, 2023
A flaw was found in the way samba handled file and directory permissions. An authenticated user... Moderate Unreviewed
CVE-2020-14318 was published May 24, 2022
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure... Moderate Unreviewed
CVE-2022-32742 was published Aug 26, 2022
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC... Moderate Unreviewed
CVE-2020-14383 was published May 24, 2022
DOM-XSS on Backoffice login screen. Moderate
CVE-2023-48313 was published for Umbraco.CMS (NuGet) Dec 13, 2023
RaphaelCSSilva
The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3645 was published Apr 22, 2024
Cross-Site Scripting (XSS) vulnerability in the Holded application. This vulnerability could... Moderate Unreviewed
CVE-2024-4026 was published Apr 22, 2024
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue... Moderate Unreviewed
CVE-2024-32681 was published Apr 22, 2024
Missing Authorization vulnerability in realmag777 Active Products Tables for WooCommerce.This... Moderate Unreviewed
CVE-2024-32691 was published Apr 22, 2024
Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate... Moderate Unreviewed
CVE-2024-32684 was published Apr 22, 2024
Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce... Moderate Unreviewed
CVE-2024-32687 was published Apr 22, 2024
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards:... Moderate Unreviewed
CVE-2024-32688 was published Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-32698 was published Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-32697 was published Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-32696 was published Apr 22, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-32690 was published Apr 22, 2024
Information disclosure in WLAN HAL while handling the WMI state info command. Moderate Unreviewed
CVE-2023-28566 was published Nov 14, 2023
Information disclosure in DSP Services while loading dynamic module. Moderate Unreviewed
CVE-2023-21624 was published Jul 4, 2023
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report... Moderate Unreviewed
CVE-2022-33273 was published May 2, 2023
Memory corruption in Audio while calling START command on host voice PCM multiple times for the... Moderate Unreviewed
CVE-2023-33067 was published Feb 6, 2024
Transient DOS in Audio when invoking callback function of ASM driver. Moderate Unreviewed
CVE-2023-33064 was published Feb 6, 2024
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming... Moderate Unreviewed
CVE-2023-28571 was published Oct 3, 2023
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Moderate Unreviewed
CVE-2023-28554 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database