GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,494
Maven: 5,000+
npm: 4,129
NuGet: 735
pip: 3,944
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,463 advisories

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.
Critical | Unreviewed | CVE-2022-45474 was published Nov 18, 2022

D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.
Critical | Unreviewed | CVE-2022-44204 was published Nov 18, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the...
Critical | Unreviewed | CVE-2022-44001 was published Nov 18, 2022

Webvendome - Webvendome SQL Injection. SQL Injection in the Parameter " DocNumber" Request : Get...
Critical | Unreviewed | CVE-2022-36787 was published Nov 18, 2022

DLINK - DSL-224 Post-auth PCE. DLINK router has an interface where you can configure NTP servers ...
Critical | Unreviewed | CVE-2022-36786 was published Nov 18, 2022

College Management System v1.0 - SQL Injection (SQLi). By inserting SQL commands to the username...
Critical | Unreviewed | CVE-2022-39180 was published Nov 18, 2022

WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 4 of 5).
Critical | Unreviewed | CVE-2022-38165 was published Nov 18, 2022

A vulnerability has been found in Hostel Searching Project and classified as critical. This...
Critical | Unreviewed | CVE-2022-4051 was published Nov 17, 2022

Dreamer CMS 4.0.01 is vulnerable to SQL Injection.
Critical | Unreviewed | CVE-2022-42245 was published Nov 17, 2022

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via...
Critical | Unreviewed | CVE-2022-40881 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management...
Critical | Unreviewed | CVE-2022-43999 was published Nov 17, 2022

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2022-43135 was published Nov 17, 2022

IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper...
Critical | Unreviewed | CVE-2022-40752 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation or...
Critical | Unreviewed | CVE-2022-44006 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of...
Critical | Unreviewed | CVE-2022-44004 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal...
Critical | Unreviewed | CVE-2022-44000 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to insufficient escaping of user...
Critical | Unreviewed | CVE-2022-44003 was published Nov 17, 2022

Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application...
Critical | Unreviewed | CVE-2022-43782 was published Nov 17, 2022

An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and...
Critical | Unreviewed | CVE-2022-3980 was published Nov 16, 2022

Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via...
Critical | Unreviewed | CVE-2022-43262 was published Nov 16, 2022

SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js...
Critical | Unreviewed | CVE-2022-43256 was published Nov 16, 2022

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows...
Critical | Unreviewed | CVE-2022-43234 was published Nov 16, 2022

Multiple W&T products of the ComServer Series are prone to an authentication bypass. An...
Critical | Unreviewed | CVE-2022-42785 was published Nov 16, 2022

An arbitrary file upload vulnerability in the component /pages/save_user.php of Canteen...
Critical | Unreviewed | CVE-2022-43265 was published Nov 16, 2022

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote...
Critical | Unreviewed | CVE-2022-24942 was published Nov 16, 2022

ProTip! Advisories are also available from the GraphQL API.