GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
26,868 advisories
WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2023-29805 was published Apr 14, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29799 was published Apr 14, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection...
Critical | Unreviewed | CVE-2023-29801 was published Apr 14, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29802 was published Apr 14, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29803 was published Apr 14, 2023
Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication...
Critical | Unreviewed | CVE-2022-3748 was published Apr 14, 2023
Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary...
Critical | Unreviewed | CVE-2022-47027 was published Apr 14, 2023
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-29622 was published Apr 14, 2023
Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a...
Critical | Unreviewed | CVE-2023-26918 was published Apr 14, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase...
Critical | Unreviewed | CVE-2023-27746 was published Apr 13, 2023
Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.
Critical | Unreviewed | CVE-2023-27667 was published Apr 13, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded...
Critical | Unreviewed | CVE-2023-27748 was published Apr 13, 2023
AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user...
Critical | Unreviewed | CVE-2023-27779 was published Apr 13, 2023
lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter...
Critical | Unreviewed | CVE-2023-29598 was published Apr 13, 2023
Memory corruption in modem due to improper input validation while handling the incoming CoAP message
Critical | Unreviewed | CVE-2022-25745 was published Apr 13, 2023
Memory corruption due to buffer copy without checking the size of input in modem while decoding...
Critical | Unreviewed | CVE-2022-33259 was published Apr 13, 2023
An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an...
Critical | Unreviewed | CVE-2023-28121 was published Apr 12, 2023
Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2023-27032 was published Apr 12, 2023
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via...
Critical | Unreviewed | CVE-2023-27830 was published Apr 12, 2023
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can...
Critical | Unreviewed | CVE-2023-28808 was published Apr 11, 2023
A missing authentication for critical function vulnerability [CWE-306] in FortiPresence...
Critical | Unreviewed | CVE-2022-41331 was published Apr 11, 2023
File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2020-19802 was published Apr 11, 2023
An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of...
Critical | Unreviewed | CVE-2023-27192 was published Apr 11, 2023
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in...
Critical | Unreviewed | CVE-2023-29492 was published Apr 11, 2023
Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP...
Critical | Unreviewed | CVE-2023-27497 was published Apr 11, 2023
ProTip! Advisories are also available from the GraphQL API.