GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
24,798 advisories

Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value...
Critical, Unreviewed. CVE-2022-35154 was published Aug 19, 2022.

A vulnerability, which was classified as critical, was found in SourceCodester Student Management...
Critical, Unreviewed. CVE-2022-2876 was published Aug 19, 2022.

LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via...
Critical, Unreviewed. CVE-2022-35164 was published Aug 19, 2022.

Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2022-35175 was published Aug 19, 2022.

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote...
Critical, Unreviewed. CVE-2022-37061 was published Aug 19, 2022.

A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0...
Critical, Unreviewed. CVE-2022-35604 was published Aug 19, 2022.

A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem...
Critical, Unreviewed. CVE-2022-35598 was published Aug 19, 2022.

A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0...
Critical, Unreviewed. CVE-2022-35603 was published Aug 19, 2022.

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows...
Critical, Unreviewed. CVE-2022-35602 was published Aug 19, 2022.

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows...
Critical, Unreviewed. CVE-2022-35605 was published Aug 19, 2022.

A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0...
Critical, Unreviewed. CVE-2022-35606 was published Aug 19, 2022.

A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0...
Critical, Unreviewed. CVE-2022-35601 was published Aug 19, 2022.

A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows...
Critical, Unreviewed. CVE-2022-35599 was published Aug 19, 2022.

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2022-36722 was published Aug 19, 2022.

Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6...
Critical, Unreviewed. CVE-2022-22730 was published Aug 19, 2022.

Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before...
Critical, Unreviewed. CVE-2022-25899 was published Aug 19, 2022.

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2022-36728 was published Aug 19, 2022.

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2022-36729 was published Aug 19, 2022.

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2022-36727 was published Aug 19, 2022.

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2022-36725 was published Aug 19, 2022.

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may...
Critical, Unreviewed. CVE-2022-30601 was published Aug 19, 2022.

Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack...
Critical, Unreviewed. CVE-2022-36947 was published Aug 19, 2022.

Use of Hard-coded Credentials in AgileConfig.Client
Critical. CVE-2022-35540 was published for AgileConfig.Client (NuGet) on Aug 19, 2022.

OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key` value
Critical. CVE-2020-36599 was published for omniauth (RubyGems) on Aug 19, 2022.

React Editable Json Tree vulnerable to arbitrary code execution via function parsing
Critical. CVE-2022-36010 was published for react-editable-json-tree (npm) on Aug 18, 2022.

ProTip! Advisories are also available from the GraphQL API.