Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

353 advisories

Loading
The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/... High Unreviewed
CVE-2021-40150 was published Jul 18, 2022
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows... High Unreviewed
CVE-2022-40126 was published Sep 30, 2022
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi... High Unreviewed
CVE-2022-36552 was published Aug 31, 2022
The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup... High Unreviewed
CVE-2022-1585 was published Aug 2, 2022
Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin High
CVE-2022-30945 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) May 18, 2022
NotMyFault
WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030... High Unreviewed
CVE-2022-44356 was published Nov 29, 2022
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow... High Unreviewed
CVE-2022-29447 was published May 21, 2022
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow... High Unreviewed
CVE-2022-29446 was published May 20, 2022
cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the... Moderate Unreviewed
CVE-2021-42644 was published May 18, 2022
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via... Moderate Unreviewed
CVE-2022-43449 was published Nov 4, 2022
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the... High Unreviewed
CVE-2020-3926 was published May 24, 2022
The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in... Moderate Unreviewed
CVE-2020-7241 was published May 24, 2022
Some Dahua software products have a vulnerability of unrestricted download of file. After... Moderate Unreviewed
CVE-2022-45426 was published Dec 27, 2022
A vulnerability has been identified in OZW672 (All versions < V10.00), OZW772 (All versions < V10... Moderate Unreviewed
CVE-2019-13941 was published May 24, 2022
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the... High Unreviewed
CVE-2020-3927 was published May 24, 2022
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system... High Unreviewed
CVE-2019-7305 was published May 24, 2022
GitOps Run allows for Kubernetes workload injection High
CVE-2022-23508 was published for github.com/weaveworks/weave-gitops (Go) Jan 9, 2023
pjbgf
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment... Moderate Unreviewed
CVE-2020-26182 was published May 24, 2022
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows... Moderate Unreviewed
CVE-2020-11641 was published May 24, 2022
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior... Moderate Unreviewed
CVE-2020-1908 was published May 24, 2022
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows... Moderate Unreviewed
CVE-2020-11642 was published May 24, 2022
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.... Moderate Unreviewed
CVE-2020-26183 was published May 24, 2022
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows... Moderate Unreviewed
CVE-2020-27368 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection... High Unreviewed
CVE-2020-26549 was published May 24, 2022
A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape... High Unreviewed
CVE-2021-20253 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database