GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,474 advisories
The does not validate files to be uploaded via an AJAX action available to unauthenticated users,...
Critical | Unreviewed | CVE-2022-3921 was published Dec 12, 2022
The Dokan WordPress plugin before 3.7.6 does not properly sanitise and escape a parameter before...
Critical | Unreviewed | CVE-2022-3915 was published Dec 12, 2022
The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the...
Critical | Unreviewed | CVE-2022-3900 was published Dec 12, 2022
A potential security vulnerability has been identified in Hewlett Packard Enterprise...
Critical | Unreviewed | CVE-2022-37932 was published Dec 12, 2022
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service...
Critical | Unreviewed | CVE-2022-38656 was published Dec 12, 2022
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code...
Critical | Unreviewed | CVE-2021-3942 was published Dec 12, 2022
Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which...
Critical | Unreviewed | CVE-2021-3437 was published Dec 12, 2022
A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command...
Critical | Unreviewed | CVE-2021-3919 was published Dec 12, 2022
A potential security vulnerability has been identified for certain HP multifunction printers ...
Critical | Unreviewed | CVE-2021-3821 was published Dec 12, 2022
There is a command injection vulnerability that could lead to unauthenticated remote code...
Critical | Unreviewed | CVE-2022-37897 was published Dec 12, 2022
In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the...
Critical | Unreviewed | CVE-2022-3485 was published Dec 12, 2022
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not...
Critical | Unreviewed | CVE-2022-46908 was published Dec 12, 2022
A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by...
Critical | Unreviewed | CVE-2022-4399 was published Dec 11, 2022
egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package...
Critical | Unreviewed | CVE-2022-45145 was published Dec 10, 2022
Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the...
Critical | Unreviewed | CVE-2022-45290 was published Dec 9, 2022
A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400...
Critical | Unreviewed | CVE-2022-4390 was published Dec 9, 2022
The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background...
Critical | Unreviewed | CVE-2022-4170 was published Dec 9, 2022
A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier...
Critical | Unreviewed | CVE-2022-33186 was published Dec 9, 2022
Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full...
Critical | Unreviewed | CVE-2022-44938 was published Dec 8, 2022
Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the...
Critical | Unreviewed | CVE-2022-45497 was published Dec 8, 2022
Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at...
Critical | Unreviewed | CVE-2022-45499 was published Dec 8, 2022
Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2022-45506 was published Dec 8, 2022
A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16....
Critical | Unreviewed | CVE-2022-4364 was published Dec 8, 2022
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected...
Critical | Unreviewed | CVE-2022-4353 was published Dec 8, 2022
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by...
Critical | Unreviewed | CVE-2022-4354 was published Dec 8, 2022
ProTip! Advisories are also available from the GraphQL API.