GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,128
NuGet: 735
pip: 3,944
Pub: 12
RubyGems: 945
Rust: 1,024
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,461 advisories
An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before 7.9.6.1 allows...
Critical
Unreviewed
CVE-2022-36431 was published Dec 1, 2022
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
Critical
Unreviewed
CVE-2022-44151 was published Nov 30, 2022
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1...
Critical
Unreviewed
CVE-2022-4229 was published Nov 30, 2022
A vulnerability, which was classified as critical, was found in SourceCodester Event Registration...
Critical
Unreviewed
CVE-2022-4232 was published Nov 30, 2022
A vulnerability was found in SourceCodester Canteen Management System. It has been rated as...
Critical
Unreviewed
CVE-2022-4222 was published Nov 30, 2022
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows...
Critical
Unreviewed
CVE-2022-44097 was published Nov 30, 2022
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows...
Critical
Unreviewed
CVE-2022-44096 was published Nov 30, 2022
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
Critical
Unreviewed
CVE-2022-44354 was published Nov 29, 2022
Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remote code execution...
Critical
Unreviewed
CVE-2022-44038 was published Nov 29, 2022
Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via...
Critical
Unreviewed
CVE-2022-42109 was published Nov 29, 2022
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter...
Critical
Unreviewed
CVE-2022-44399 was published Nov 28, 2022
Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order...
Critical
Unreviewed
CVE-2022-44400 was published Nov 28, 2022
AVS Audio Converter 10.3 is vulnerable to Buffer Overflow.
Critical
Unreviewed
CVE-2022-44283 was published Nov 28, 2022
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list...
Critical
Unreviewed
CVE-2022-3603 was published Nov 28, 2022
SQL injection in School Management System 1.0 allows remote attackers to modify or delete data,...
Critical
Unreviewed
CVE-2022-36193 was published Nov 28, 2022
Online Tours & Travels Management System v1.0 contains an arbitrary file upload vulnerability via...
Critical
Unreviewed
CVE-2022-44401 was published Nov 28, 2022
drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE...
Critical
Unreviewed
CVE-2022-45909 was published Nov 26, 2022
A specific file on the sERP server of Kyungrinara (ERP solution) has a fixed password with the...
Critical
Unreviewed
CVE-2022-41157 was published Nov 25, 2022
Remote code execution vulnerability can be achieved by using cookie values as paths to a file by...
Critical
Unreviewed
CVE-2022-41158 was published Nov 25, 2022
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-44844 was published Nov 25, 2022
Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low...
Critical
Unreviewed
CVE-2022-37720 was published Nov 25, 2022
The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500...
Critical
Unreviewed
CVE-2022-36133 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
Critical
Unreviewed
CVE-2022-29830 was published Nov 25, 2022
A vulnerability was found in rickxy Stock Management System and classified as critical. Affected...
Critical
Unreviewed
CVE-2022-4088 was published Nov 24, 2022
Attackers can call any existing functions at will, control the target server to access, download,...
Critical
Unreviewed
CVE-2022-4136 was published Nov 24, 2022
ProTip! Advisories are also available from the GraphQL API.