GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,128
NuGet: 735
pip: 3,944
Pub: 12
RubyGems: 945
Rust: 1,024
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,461 advisories
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
Critical | Unreviewed | CVE-2022-3491 was published Dec 3, 2022
A vulnerability, which was classified as critical, has been found in SourceCodester Human...
Critical | Unreviewed | CVE-2022-4273 was published Dec 3, 2022
A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by...
Critical | Unreviewed | CVE-2022-4272 was published Dec 3, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
Critical | Unreviewed | CVE-2022-3520 was published Dec 2, 2022
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in...
Critical | Unreviewed | CVE-2022-44290 was published Dec 2, 2022
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in...
Critical | Unreviewed | CVE-2022-44291 was published Dec 2, 2022
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-44945 was published Dec 2, 2022
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.
Critical | Unreviewed | CVE-2022-44362 was published Dec 2, 2022
Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.
Critical | Unreviewed | CVE-2022-44365 was published Dec 2, 2022
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting,...
Critical | Unreviewed | CVE-2022-45482 was published Dec 2, 2022
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.
Critical | Unreviewed | CVE-2022-44366 was published Dec 2, 2022
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.
Critical | Unreviewed | CVE-2022-44363 was published Dec 2, 2022
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.
Critical | Unreviewed | CVE-2022-44367 was published Dec 2, 2022
D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2022-44928 was published Dec 2, 2022
An unauthenticated command injection vulnerability in the product license validation function of...
Critical | Unreviewed | CVE-2022-43325 was published Dec 2, 2022
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to...
Critical | Unreviewed | CVE-2022-44929 was published Dec 2, 2022
D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2022-44930 was published Dec 2, 2022
Telenia Software s.r.l TVox before v22.0.17 was discovered to contain a remote code execution ...
Critical | Unreviewed | CVE-2022-43333 was published Dec 2, 2022
Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation...
Critical | Unreviewed | CVE-2022-37016 was published Dec 1, 2022
SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb...
Critical | Unreviewed | CVE-2022-30528 was published Dec 1, 2022
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This...
Critical | Unreviewed | CVE-2022-4257 was published Dec 1, 2022
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2022-4221 was published Dec 1, 2022
In multiple products by Festo a remote unauthenticated attacker could use functions of an...
Critical | Unreviewed | CVE-2022-3270 was published Dec 1, 2022
A vulnerability classified as critical was found in Movie Ticket Booking System. This...
Critical | Unreviewed | CVE-2022-4247 was published Dec 1, 2022
A vulnerability, which was classified as critical, has been found in Movie Ticket Booking System....
Critical | Unreviewed | CVE-2022-4248 was published Dec 1, 2022
ProTip! Advisories are also available from the GraphQL API.