Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

240,177 advisories

`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow Moderate
CVE-2022-23581 was published for tensorflow (pip) Feb 7, 2022
Abort caused by allocating a vector that is too large in Tensorflow Moderate
CVE-2022-23580 was published for tensorflow (pip) Feb 7, 2022
Cookie and header exposure in twisted High
CVE-2022-21712 was published for twisted (pip) Feb 7, 2022
ranjit-git alex
twm
Validation bypass in frourio High
CVE-2022-23623 was published for frourio (npm) Feb 7, 2022
SegaraRai LumaKernel
Validation bypass in frourio-express High
CVE-2022-23624 was published for frourio-express (npm) Feb 7, 2022
SegaraRai LumaKernel
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-23262 was published Feb 8, 2022
Microsoft Edge (Chromium-based) Tampering Vulnerability. Moderate Unreviewed
CVE-2022-23261 was published Feb 8, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a... Moderate Unreviewed
CVE-2022-21816 was published Feb 8, 2022
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm... Moderate Unreviewed
CVE-2022-21815 was published Feb 8, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper... Moderate Unreviewed
CVE-2022-21813 was published Feb 8, 2022
QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at "adminuseredit.php... Moderate Unreviewed
CVE-2021-45281 was published Feb 8, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... High Unreviewed
CVE-2022-23263 was published Feb 8, 2022
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one... Critical Unreviewed
CVE-2021-25114 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a... Moderate Unreviewed
CVE-2021-25096 was published Feb 8, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where... Moderate Unreviewed
CVE-2022-21814 was published Feb 8, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that... High Unreviewed
CVE-2021-42833 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the... Moderate Unreviewed
CVE-2021-25108 was published Feb 8, 2022
The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs WordPress plugin... Moderate Unreviewed
CVE-2022-0148 was published Feb 8, 2022
The WooCommerce WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site Scripting ... Moderate Unreviewed
CVE-2022-0149 was published Feb 8, 2022
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WPLegalPages... Moderate Unreviewed
CVE-2021-25106 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and... High Unreviewed
CVE-2021-25095 was published Feb 8, 2022
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape... Moderate Unreviewed
CVE-2021-25029 was published Feb 8, 2022
The SupportCandy WordPress plugin before 2.2.7 does not have CSRF check in the wpsc_tickets AJAX... High Unreviewed
CVE-2021-24879 was published Feb 8, 2022
The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which... Moderate Unreviewed
CVE-2021-25105 was published Feb 8, 2022
The Store Toolkit for WooCommerce WordPress plugin before 2.3.2 does not sanitise and escape the... Moderate Unreviewed
CVE-2021-25077 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API