GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories
ChiKoi v1.0 was discovered to contain a SQL injection vulnerability via the load_file function.
Critical | Unreviewed | CVE-2023-24084 was published Feb 13, 2023

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could...
Critical | Unreviewed | CVE-2022-3089 was published Feb 13, 2023

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could...
Critical | Unreviewed | CVE-2023-23551 was published Feb 13, 2023

Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2022-40022 was published Feb 13, 2023

The FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter...
Critical | Unreviewed | CVE-2022-4445 was published Feb 13, 2023

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow...
Critical | Unreviewed | CVE-2022-48322 was published Feb 13, 2023

Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a...
Critical | Unreviewed | CVE-2022-48323 was published Feb 13, 2023

Command Injection in thorsten/phpmyfaq
Critical | CVE-2023-0789 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023

Code Injection in thorsten/phpmyfaq
Critical | CVE-2023-0788 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023

A vulnerability classified as critical has been found in SourceCodester Best Online News Portal 1...
Critical | Unreviewed | CVE-2023-0784 was published Feb 12, 2023

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while...
Critical | Unreviewed | CVE-2022-40514 was published Feb 12, 2023

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
Critical | Unreviewed | CVE-2022-33279 was published Feb 12, 2023

Memory corruption in modem due to improper length check while copying into memory
Critical | Unreviewed | CVE-2022-25729 was published Feb 12, 2023

IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote...
Critical | Unreviewed | CVE-2022-41731 was published Feb 12, 2023

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web...
Critical | Unreviewed | CVE-2022-45088 was published Feb 12, 2023

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web...
Critical | Unreviewed | CVE-2022-45089 was published Feb 12, 2023

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web...
Critical | Unreviewed | CVE-2022-4557 was published Feb 12, 2023

A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an...
Critical | Unreviewed | CVE-2023-0783 was published Feb 11, 2023

A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this...
Critical | Unreviewed | CVE-2023-0782 was published Feb 11, 2023

A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared...
Critical | Unreviewed | CVE-2023-0781 was published Feb 11, 2023

Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware...
Critical | Unreviewed | CVE-2023-0776 was published Feb 11, 2023

Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system
Critical | CVE-2023-25168 was published for github.com/pterodactyl/wings (Go) Feb 10, 2023

Authentication Bypass in modoboa
Critical | CVE-2023-0777 was published for modoboa (pip) Feb 10, 2023

Art Gallery Management System Project v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2023-23163 was published Feb 10, 2023

Art Gallery Management System Project v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2023-23162 was published Feb 10, 2023
ProTip! Advisories are also available from the GraphQL API.