Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,457 advisories

Loading
A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some... Critical Unreviewed
CVE-2022-3955 was published Nov 11, 2022
A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an... Critical Unreviewed
CVE-2022-3956 was published Nov 11, 2022
After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter... Critical Unreviewed
CVE-2022-34331 was published Nov 11, 2022
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component ... Critical Unreviewed
CVE-2022-43074 was published Nov 11, 2022
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to... Critical Unreviewed
CVE-2022-40981 was published Nov 11, 2022
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of... Critical Unreviewed
CVE-2022-36938 was published Nov 11, 2022
A vulnerability has been found in Activity Log Plugin and classified as critical. This... Critical Unreviewed
CVE-2022-3941 was published Nov 11, 2022
A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects... Critical Unreviewed
CVE-2022-3940 was published Nov 11, 2022
A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by... Critical Unreviewed
CVE-2022-3939 was published Nov 11, 2022
Multiple W&T products of the Comserver Series use a small number space for allocating sessions... Critical Unreviewed
CVE-2022-42787 was published Nov 10, 2022
The file upload function of Agentflow BPM has insufficient filtering for special characters in... Critical Unreviewed
CVE-2022-39036 was published Nov 10, 2022
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the... Critical Unreviewed
CVE-2022-44087 was published Nov 10, 2022
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the... Critical Unreviewed
CVE-2022-44088 was published Nov 10, 2022
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the... Critical Unreviewed
CVE-2022-44089 was published Nov 10, 2022
UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can... Critical Unreviewed
CVE-2022-38119 was published Nov 10, 2022
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have... Critical Unreviewed
CVE-2022-45063 was published Nov 10, 2022
The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection... Critical Unreviewed
CVE-2022-44727 was published Nov 10, 2022
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-43058 was published Nov 10, 2022
The iaware module has a vulnerability in thread security. Successful exploitation of this... Critical Unreviewed
CVE-2022-44551 was published Nov 10, 2022
The system framework layer has a vulnerability of serialization/deserialization mismatch.... Critical Unreviewed
CVE-2022-44562 was published Nov 10, 2022
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful... Critical Unreviewed
CVE-2022-44559 was published Nov 10, 2022
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful... Critical Unreviewed
CVE-2022-44558 was published Nov 10, 2022
VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A... Critical Unreviewed
CVE-2022-31687 was published Nov 10, 2022
VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious... Critical Unreviewed
CVE-2022-31689 was published Nov 10, 2022
VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability.... Critical Unreviewed
CVE-2022-31686 was published Nov 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database