GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,500 advisories
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A...
Critical
Unreviewed
CVE-2022-40615
was published
Jan 11, 2023
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php.
Critical
Unreviewed
CVE-2022-47865
was published
Jan 11, 2023
Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php.
Critical
Unreviewed
CVE-2022-47866
was published
Jan 11, 2023
Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview...
Critical
Unreviewed
CVE-2022-42967
was published
Jan 11, 2023
A vulnerability was found in Nayshlok Voyager. It has been declared as critical. Affected by this...
Critical
Unreviewed
CVE-2014-125074
was published
Jan 11, 2023
A vulnerability was found in jfm-so piWallet. It has been rated as critical. Affected by this...
Critical
Unreviewed
CVE-2017-20168
was published
Jan 11, 2023
Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in...
Critical
Unreviewed
CVE-2022-47859
was published
Jan 11, 2023
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct...
Critical
Unreviewed
CVE-2022-47860
was published
Jan 11, 2023
Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in...
Critical
Unreviewed
CVE-2022-47862
was published
Jan 11, 2023
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php.
Critical
Unreviewed
CVE-2022-47861
was published
Jan 11, 2023
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in...
Critical
Unreviewed
CVE-2022-47864
was published
Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain a Hard-coded...
Critical
Unreviewed
CVE-2022-34441
was published
Jan 11, 2023
A vulnerability, which was classified as critical, was found in ACI_Escola. This affects an...
Critical
Unreviewed
CVE-2015-10037
was published
Jan 11, 2023
A vulnerability was found in kylebebak dronfelipe. It has been declared as critical. Affected by...
Critical
Unreviewed
CVE-2015-10036
was published
Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain a Hard-coded...
Critical
Unreviewed
CVE-2022-34440
was published
Jan 11, 2023
The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via...
Critical
Unreviewed
CVE-2022-48252
was published
Jan 11, 2023
A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior...
Critical
Unreviewed
CVE-2022-43389
was published
Jan 11, 2023
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to...
Critical
Unreviewed
CVE-2022-48253
was published
Jan 11, 2023
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Critical
Unreviewed
CVE-2022-4338
was published
Jan 11, 2023
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
Critical
Unreviewed
CVE-2022-4337
was published
Jan 11, 2023
A vulnerability was found in mapoor voteapp. It has been rated as critical. Affected by this...
Critical
Unreviewed
CVE-2014-125073
was published
Jan 10, 2023
A vulnerability has been found in fabarea media_upload and classified as critical. This...
Critical
Unreviewed
CVE-2016-15017
was published
Jan 10, 2023
This issue affects: Bulutses Bilgi Teknolojileri LTD. ŞTİ. BULUTDESK CALLCENTER versions prior to...
Critical
Unreviewed
CVE-2022-4422
was published
Jan 10, 2023
This issue affects: Terminal Operating System versions before 5.0.13
Critical
Unreviewed
CVE-2022-3792
was published
Jan 10, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation...
Critical
Unreviewed
CVE-2022-43514
was published
Jan 10, 2023
ProTip! Advisories are also available from the GraphQL API.