GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,487 advisories
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this...
Critical | Unreviewed | CVE-2022-46324 was published Dec 20, 2022
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this...
Critical | Unreviewed | CVE-2022-46326 was published Dec 20, 2022
Some smartphones have configuration issues. Successful exploitation of this vulnerability may...
Critical | Unreviewed | CVE-2022-46327 was published Dec 20, 2022
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.
Critical | Unreviewed | CVE-2022-46020 was published Dec 20, 2022
pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as...
Critical | Unreviewed | CVE-2022-40624 was published Dec 20, 2022
Tenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac...
Critical | Unreviewed | CVE-2022-46538 was published Dec 20, 2022
pdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream:...
Critical | Unreviewed | CVE-2022-44109 was published Dec 20, 2022
Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page.
Critical | Unreviewed | CVE-2022-40434 was published Dec 20, 2022
pdftojson commit 94204bb was discovered to contain a stack overflow via the component Object:...
Critical | Unreviewed | CVE-2022-44108 was published Dec 20, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request...
Critical | Unreviewed | CVE-2022-38708 was published Dec 19, 2022
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is...
Critical | Unreviewed | CVE-2021-33640 was published Dec 19, 2022
The web server of some Hikvision wireless bridge products has an access control vulnerability...
Critical | Unreviewed | CVE-2022-28173 was published Dec 19, 2022
The JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter...
Critical | Unreviewed | CVE-2022-4050 was published Dec 19, 2022
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the...
Critical | Unreviewed | CVE-2020-36619 was published Dec 19, 2022
A vulnerability was found in phpRedisAdmin up to 1.17.3. It has been classified as problematic....
Critical | Unreviewed | CVE-2021-4259 was published Dec 19, 2022
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when...
Critical | Unreviewed | CVE-2022-4063 was published Dec 19, 2022
A vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. Affected is...
Critical | Unreviewed | CVE-2021-4261 was published Dec 19, 2022
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition...
Critical | Unreviewed | CVE-2022-4427 was published Dec 19, 2022
CONPROSYS HMI System (CHS) Ver.3.4.4 and earlier allows a remote unauthenticated attacker to...
Critical | Unreviewed | CVE-2022-44456 was published Dec 19, 2022
A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.1. It has been...
Critical | Unreviewed | CVE-2022-4607 was published Dec 19, 2022
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.
Critical | Unreviewed | CVE-2022-4606 was published Dec 18, 2022
** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as...
Critical | Unreviewed | CVE-2020-36617 was published Dec 18, 2022
A vulnerability was found in luckyshot CRMx and classified as critical. This issue affects the...
Critical | Unreviewed | CVE-2022-4592 was published Dec 18, 2022
A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this...
Critical | Unreviewed | CVE-2022-4594 was published Dec 18, 2022
A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is...
Critical | Unreviewed | CVE-2021-4246 was published Dec 17, 2022
ProTip! Advisories are also available from the GraphQL API.