GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,461 advisories
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications are subject to...
Critical | Unreviewed | CVE-2022-44785 was published Nov 22, 2022
A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute...
Critical | Unreviewed | CVE-2022-43143 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.
Critical | Unreviewed | CVE-2022-44180 was published Nov 21, 2022
Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.
Critical | Unreviewed | CVE-2022-44174 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
Critical | Unreviewed | CVE-2022-44175 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.
Critical | Unreviewed | CVE-2022-44176 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.
Critical | Unreviewed | CVE-2022-44177 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.
Critical | Unreviewed | CVE-2022-44172 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.
Critical | Unreviewed | CVE-2022-44183 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsOOB.
Critical | Unreviewed | CVE-2022-44178 was published Nov 21, 2022
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.
Critical | Unreviewed | CVE-2022-44171 was published Nov 21, 2022
The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden...
Critical | Unreviewed | CVE-2021-24649 was published Nov 21, 2022
The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output...
Critical | Unreviewed | CVE-2022-3600 was published Nov 21, 2022
The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when...
Critical | Unreviewed | CVE-2022-3634 was published Nov 21, 2022
Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress.
Critical | Unreviewed | CVE-2022-42497 was published Nov 19, 2022
Carel Boss Mini 1.5.0 has Improper Access Control.
Critical | Unreviewed | CVE-2022-34827 was published Nov 19, 2022
In Linaro Automated Validation Architecture (LAVA) before 2022.11.1, remote code execution can be...
Critical | Unreviewed | CVE-2022-45132 was published Nov 19, 2022
Unauth. Arbitrary File Deletion vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.
Critical | Unreviewed | CVE-2022-44584 was published Nov 19, 2022
Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1...
Critical | Unreviewed | CVE-2022-42698 was published Nov 19, 2022
Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress.
Critical | Unreviewed | CVE-2022-41155 was published Nov 19, 2022
Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress.
Critical | Unreviewed | CVE-2022-41840 was published Nov 18, 2022
Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Critical | Unreviewed | CVE-2022-41652 was published Nov 18, 2022
Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.
Critical | Unreviewed | CVE-2022-41781 was published Nov 18, 2022
drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.
Critical | Unreviewed | CVE-2022-45474 was published Nov 18, 2022
D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.
Critical | Unreviewed | CVE-2022-44204 was published Nov 18, 2022
ProTip! Advisories are also available from the GraphQL API.