Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2022-3760 was published Mar 7, 2023
A vulnerability was found in Email Registration 5.x-2.1. It has been declared as critical. This... Critical Unreviewed
CVE-2008-10004 was published Mar 7, 2023
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed
CVE-2022-45141 was published Mar 7, 2023
A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO... Critical Unreviewed
CVE-2023-0330 was published Mar 7, 2023
Moodle SQL Injection vulnerability Critical
CVE-2021-36393 was published for moodle/moodle (Composer) Mar 6, 2023
Moodle SQL Injection vulnerability Critical
CVE-2021-36392 was published for moodle/moodle (Composer) Mar 6, 2023
Remote code execution in Funadmin Critical
CVE-2023-24776 was published for funadmin/funadmin (Composer) Mar 6, 2023
Moodle Session Fixation vulnerability Critical
CVE-2021-36394 was published for moodle/moodle (Composer) Mar 6, 2023
PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2023-24736 was published Mar 6, 2023
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows... Critical Unreviewed
CVE-2023-24734 was published Mar 6, 2023
An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3... Critical Unreviewed
CVE-2023-26949 was published Mar 6, 2023
The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be... Critical Unreviewed
CVE-2022-4328 was published Mar 6, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-0979 was published Mar 6, 2023
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process... Critical Unreviewed
CVE-2023-0839 was published Mar 6, 2023
Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC... Critical Unreviewed
CVE-2023-22344 was published Mar 6, 2023
Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1... Critical Unreviewed
CVE-2023-22336 was published Mar 6, 2023
json-logic-js Command Injection vulnerability Critical
CVE-2021-4329 was published for json-logic-js (npm) Mar 5, 2023
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This... Critical Unreviewed
CVE-2015-10088 was published Mar 5, 2023
A vulnerability was found in iGamingModules flashgames 1.1.0. It has been classified as critical.... Critical Unreviewed
CVE-2008-10003 was published Mar 5, 2023
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 and classified as critical.... Critical Unreviewed
CVE-2014-125091 was published Mar 5, 2023
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241... Critical Unreviewed
CVE-2023-27290 was published Mar 4, 2023
CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code... Critical Unreviewed
CVE-2023-26779 was published Mar 4, 2023
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of... Critical Unreviewed
CVE-2023-27574 was published Mar 4, 2023
Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability. Critical Unreviewed
CVE-2022-46973 was published Mar 4, 2023
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability Critical
CVE-2023-26477 was published for org.xwiki.platform:xwiki-platform-flamingo-theme-ui (Maven) Mar 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database