Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,461 advisories

Loading
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1. Critical Unreviewed
CVE-2022-44196 was published Nov 22, 2022
ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting (XSS) vulnerability... Critical Unreviewed
CVE-2022-42989 was published Nov 22, 2022
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering. Critical Unreviewed
CVE-2022-44190 was published Nov 22, 2022
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter... Critical Unreviewed
CVE-2022-44186 was published Nov 22, 2022
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri. Critical Unreviewed
CVE-2022-44187 was published Nov 22, 2022
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. Critical Unreviewed
CVE-2022-44197 was published Nov 22, 2022
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and... Critical Unreviewed
CVE-2022-44194 was published Nov 22, 2022
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version... Critical Unreviewed
CVE-2022-44808 was published Nov 22, 2022
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. Critical Unreviewed
CVE-2022-44806 was published Nov 22, 2022
D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. Critical Unreviewed
CVE-2022-44801 was published Nov 22, 2022
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. Critical Unreviewed
CVE-2022-44807 was published Nov 22, 2022
D-Link DIR823G 1.02B05 is vulnerable to Commad Injection. Critical Unreviewed
CVE-2022-44201 was published Nov 22, 2022
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter... Critical Unreviewed
CVE-2022-44184 was published Nov 22, 2022
D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. Critical Unreviewed
CVE-2022-44202 was published Nov 22, 2022
D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function. Critical Unreviewed
CVE-2022-44804 was published Nov 22, 2022
Fusiondirectory 1.3 suffers from Improper Session Handling. Critical Unreviewed
CVE-2022-36179 was published Nov 22, 2022
Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php... Critical Unreviewed
CVE-2022-36180 was published Nov 22, 2022
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery ... Critical Unreviewed
CVE-2022-40842 was published Nov 22, 2022
In libarchive 3.6.1, the software does not check for an error after calling calloc function that... Critical Unreviewed
CVE-2022-36227 was published Nov 22, 2022
A flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote... Critical Unreviewed
CVE-2022-40602 was published Nov 22, 2022
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-43214 was published Nov 22, 2022
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-43215 was published Nov 22, 2022
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated... Critical Unreviewed
CVE-2022-41326 was published Nov 22, 2022
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of... Critical Unreviewed
CVE-2022-30258 was published Nov 22, 2022
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of... Critical Unreviewed
CVE-2022-30257 was published Nov 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database