GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
26,868 advisories
Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
Critical | Unreviewed | CVE-2023-26065 was published Apr 10, 2023

Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write.
Critical | Unreviewed | CVE-2023-26064 was published Apr 10, 2023

Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index.
Critical | Unreviewed | CVE-2023-26066 was published Apr 10, 2023

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Critical | Unreviewed | CVE-2023-26068 was published Apr 10, 2023

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
Critical | Unreviewed | CVE-2023-26069 was published Apr 10, 2023

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This...
Critical | Unreviewed | CVE-2023-27719 was published Apr 9, 2023

Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface....
Critical | Unreviewed | CVE-2023-0750 was published Apr 6, 2023

Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS...
Critical | Unreviewed | CVE-2022-2757 was published Dec 14, 2022

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an...
Critical | Unreviewed | CVE-2022-41653 was published Dec 14, 2022

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the...
Critical | Unreviewed | CVE-2022-45005 was published Dec 13, 2022

PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.
Critical | Unreviewed | CVE-2022-4446 was published Dec 13, 2022

SQL Injection vulnerability in function get_user in login_manager.php in rizalafani cms-php v1.
Critical | Unreviewed | CVE-2021-35284 was published Nov 23, 2022

Final CMS 5.1.0 is vulnerable to SQL Injection.
Critical | Unreviewed | CVE-2022-37204 was published Sep 21, 2022

JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component,...
Critical | Unreviewed | CVE-2022-37203 was published Sep 20, 2022

An integer overflow vulnerability in the calloc() function of the C runtime library of affected...
Critical | Unreviewed | CVE-2021-22156 was published May 24, 2022

The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule...
Critical | Unreviewed | CVE-2021-32928 was published May 24, 2022

HashiCorp Terraform’s Vault Provider (terraform-provider-vault) did not correctly configure GCE...
Critical | Unreviewed | CVE-2021-30476 was published May 24, 2022

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the...
Critical | Unreviewed | CVE-2019-1384 was published May 24, 2022

Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
Critical | Unreviewed | CVE-2013-2260 was published May 24, 2022

An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function...
Critical | Unreviewed | CVE-2019-17211 was published May 24, 2022

Apache OFBiz has unsafe deserialization prior to 17.12.07 version
Critical | Unreviewed | CVE-2021-30128 was published May 24, 2022

A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function...
Critical | Unreviewed | CVE-2020-35313 was published May 24, 2022

Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote...
Critical | Unreviewed | CVE-2021-30481 was published May 24, 2022

The N5 Upload Form WordPress plugin through 1.0 suffers from an arbitrary file upload issue in...
Critical | Unreviewed | CVE-2021-24223 was published May 24, 2022

The file upload function of Vangene deltaFlow E-platform does not perform access controlled...
Critical | Unreviewed | CVE-2021-28173 was published May 24, 2022