GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,816
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,920
npm 4,119
NuGet 735
pip 3,941
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,962

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

105 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1. High Unreviewed

CVE-2023-2551 was published May 5, 2023

Broad access controls could allow site users to directly interact with the system Apache... High Unreviewed

CVE-2022-46302 was published Apr 20, 2023

XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows... High Unreviewed

CVE-2022-30037 was published Mar 23, 2023

Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential... High Unreviewed

CVE-2022-41216 was published Feb 22, 2023

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1... Moderate Unreviewed

CVE-2023-21440 was published Feb 9, 2023

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated... Critical Unreviewed

CVE-2022-24119 was published Dec 26, 2022

An iframe that was not permitted to run scripts could do so if the user clicked on a <code... High Unreviewed

CVE-2022-34468 was published Dec 22, 2022

A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos... High Unreviewed

CVE-2022-22246 was published Oct 18, 2022

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user... Moderate Unreviewed

CVE-2022-37191 was published Sep 14, 2022

Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the... High Unreviewed

CVE-2022-34121 was published Jul 28, 2022

Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64... High Unreviewed

CVE-2022-33317 was published Jul 21, 2022

Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from... High Unreviewed

CVE-2022-30243 was published Jul 16, 2022

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated... High Unreviewed

CVE-2022-30244 was published Jul 16, 2022

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1... Low Unreviewed

CVE-2022-33701 was published Jul 13, 2022

In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the... High Unreviewed

CVE-2021-41037 was published Jul 9, 2022

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This... High Unreviewed

CVE-2021-4229 was published May 25, 2022

Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier,... Moderate Unreviewed

CVE-2021-20843 was published May 24, 2022

SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included... High Unreviewed

CVE-2021-41569 was published May 24, 2022

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and... Critical Unreviewed

CVE-2020-16152 was published May 24, 2022

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the... High Unreviewed

CVE-2021-33626 was published May 24, 2022

The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the... High Unreviewed

CVE-2021-38360 was published May 24, 2022

NVIDIA DCGM contains a vulnerability in the DIAG module where any user can inject shared... High Unreviewed

CVE-2021-34398 was published May 24, 2022

A local file inclusion (LFI) vulnerability exists in the options.php script functionality of... Critical Unreviewed

CVE-2021-21804 was published May 24, 2022

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged... High Unreviewed

CVE-2021-34692 was published May 24, 2022

Local file inclusion exists in Kaseya VSA before 9.5.6. High Unreviewed

CVE-2021-30121 was published May 24, 2022

Previous 1…3…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

105 advisories