GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+, Composer 4,870, Erlang 36, GitHub Actions 36, Go 2,493, Maven 5,000+, npm 4,126, NuGet 735, pip 3,943, Pub 12, RubyGems 945, Rust 1,021, Swift 39
Unreviewed advisories: All unreviewed 5,000+
26,868 advisories
Liima before 1.17.28 allows Hibernate query language (HQL) injection, related to colToSort in the...
Critical | Unreviewed | CVE-2023-26093 was published Feb 20, 2023

app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles...
Critical | Unreviewed | CVE-2022-48328 was published Feb 20, 2023

MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model...
Critical | Unreviewed | CVE-2022-48329 was published Feb 20, 2023

java-xmlbuilder vulnerable to XML External Entity Reference
Critical | CVE-2014-125087 was published for com.jamesmurty.utils:java-xmlbuilder (Maven) Feb 19, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer...
Critical | Unreviewed | CVE-2023-0917 was published Feb 19, 2023

A vulnerability has been found in codeprojects Pharmacy Management System 1.0 and classified as...
Critical | Unreviewed | CVE-2023-0918 was published Feb 19, 2023

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified...
Critical | Unreviewed | CVE-2023-0910 was published Feb 18, 2023

A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1...
Critical | Unreviewed | CVE-2023-0906 was published Feb 18, 2023

The framework service handles pendingIntent incorrectly, allowing a malicious application with...
Critical | Unreviewed | CVE-2021-26277 was published Feb 18, 2023

QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a...
Critical | Unreviewed | CVE-2022-40021 was published Feb 18, 2023

TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control.
Critical | Unreviewed | CVE-2023-23064 was published Feb 18, 2023

Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php.
Critical | Unreviewed | CVE-2023-23279 was published Feb 17, 2023

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges...
Critical | Unreviewed | CVE-2021-32142 was published Feb 17, 2023

Privilege escalation in MOSN
Critical | CVE-2021-32163 was published for mosn.io/mosn (Go) Feb 17, 2023

IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbitrary code on the system,...
Critical | Unreviewed | CVE-2022-47986 was published Feb 17, 2023

Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary...
Critical | Unreviewed | CVE-2021-33226 was published Feb 17, 2023

An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration...
Critical | Unreviewed | CVE-2021-34182 was published Feb 17, 2023

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option...
Critical | Unreviewed | CVE-2021-33391 was published Feb 17, 2023

SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute...
Critical | Unreviewed | CVE-2021-33948 was published Feb 17, 2023

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename...
Critical | Unreviewed | CVE-2021-33949 was published Feb 17, 2023

File Upload Vulnerability in Yupoxion BearAdmin before commit...
Critical | Unreviewed | CVE-2021-35261 was published Feb 17, 2023

SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows...
Critical | Unreviewed | CVE-2020-29168 was published Feb 17, 2023

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username'...
Critical | Unreviewed | CVE-2022-40032 was published Feb 17, 2023

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in ...
Critical | Unreviewed | CVE-2022-40347 was published Feb 17, 2023

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified...
Critical | Unreviewed | CVE-2023-0883 was published Feb 17, 2023