GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope...
Critical | Unreviewed | CVE-2023-24219 was published Feb 17, 2023

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope...
Critical | Unreviewed | CVE-2023-24220 was published Feb 17, 2023

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope...
Critical | Unreviewed | CVE-2023-24221 was published Feb 17, 2023

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021...
Critical | Unreviewed | CVE-2021-43529 was published Feb 17, 2023

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5...
Critical | Unreviewed | CVE-2021-42756 was published Feb 16, 2023

An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0...
Critical | Unreviewed | CVE-2022-39954 was published Feb 16, 2023

Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++...
Critical | Unreviewed | CVE-2022-26843 was published Feb 16, 2023

Improper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler...
Critical | Unreviewed | CVE-2022-25987 was published Feb 16, 2023

An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4...
Critical | Unreviewed | CVE-2022-38375 was published Feb 16, 2023

A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5,...
Critical | Unreviewed | CVE-2022-39952 was published Feb 16, 2023

A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb...
Critical | Unreviewed | CVE-2021-42761 was published Feb 16, 2023

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an...
Critical | Unreviewed | CVE-2022-33964 was published Feb 16, 2023

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an...
Critical | Unreviewed | CVE-2022-29514 was published Feb 16, 2023

Users with any cluster secret update access may update out-of-bounds cluster secrets
Critical | CVE-2023-23947 was published for github.com/argoproj/argo-cd (Go) Feb 16, 2023

Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials.
Critical | Unreviewed | CVE-2022-43969 was published Feb 16, 2023

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection...
Critical | Unreviewed | CVE-2023-24238 was published Feb 16, 2023

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection...
Critical | Unreviewed | CVE-2023-24236 was published Feb 16, 2023

Duplicate advisory: Sequelize vulnerable to Improper Filtering of Special Elements
Critical | GHSA-8mwq-mj73-qv68 was published for @sequelize/core (npm) Feb 16, 2023 • withdrawn

In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration...
Critical | Unreviewed | CVE-2022-3843 was published Feb 16, 2023

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
Critical | Unreviewed | CVE-2023-0568 was published Feb 16, 2023

Cross-site Scripting in kimai/kimai
Critical | CVE-2020-19825 was published for kimai/kimai (Composer) Feb 16, 2023

SQL Injection vulnerability in nitinparashar30 cms-corephp through commit...
Critical | Unreviewed | CVE-2021-33925 was published Feb 16, 2023

SQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers...
Critical | Unreviewed | CVE-2020-21120 was published Feb 16, 2023

SQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in...
Critical | Unreviewed | CVE-2020-21119 was published Feb 16, 2023

Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules...
Critical | Unreviewed | CVE-2021-33304 was published Feb 16, 2023

ProTip! Advisories are also available from the GraphQL API