GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,942
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,859 advisories

URI validation failure on SVG parsing. Bypass of CVE-2023-23924
Critical | CVE-2023-24813 was published for dompdf/dompdf (Composer) | Feb 7, 2023

A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been...
Critical | Unreviewed | CVE-2023-0707 was published | Feb 7, 2023

In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could...
Critical | Unreviewed | CVE-2021-31578 was published | Feb 7, 2023

In Boa, there is a possible escalation of privilege due to a missing permission check. This could...
Critical | Unreviewed | CVE-2021-31577 was published | Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical | Unreviewed | CVE-2021-31575 was published | Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical | Unreviewed | CVE-2021-31573 was published | Feb 7, 2023

There is a command injection vulnerability in SolarView Compact through 6.00, attackers can...
Critical | Unreviewed | CVE-2023-23333 was published | Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical | Unreviewed | CVE-2021-31574 was published | Feb 7, 2023

Because the web management interface for Unified Intents' Unified Remote solution does not itself...
Critical | Unreviewed | CVE-2022-3229 was published | Feb 7, 2023

A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This...
Critical | Unreviewed | CVE-2023-0687 was published | Feb 6, 2023

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as...
Critical | Unreviewed | CVE-2023-0686 was published | Feb 6, 2023

The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter...
Critical | Unreviewed | CVE-2022-4681 was published | Feb 6, 2023

tinymighty WikiSEO is vulnerable to cross-site scripting via modifyHTML function
Critical | CVE-2015-10073 was published for tinymighty/wiki-seo (Composer) | Feb 6, 2023

**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer...
Critical | Unreviewed | CVE-2022-48311 was published | Feb 6, 2023

SQL Injection vulnerability in Talend ESB Runtime 7.3.1-R2022-09-RT thru 8.0.1-R2022-10-RT when...
Critical | Unreviewed | CVE-2022-45589 was published | Feb 6, 2023

pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow...
Critical | Unreviewed | CVE-2022-48078 was published | Feb 6, 2023

In NVS365 V01, the background network test function can trigger command execution.
Critical | Unreviewed | CVE-2022-47071 was published | Feb 6, 2023

Western Digital My Cloud devices before OS5 have a nobody account with a blank password.
Critical | Unreviewed | CVE-2021-36224 was published | Feb 6, 2023

A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as...
Critical | Unreviewed | CVE-2023-0679 was published | Feb 6, 2023

Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade...
Critical | Unreviewed | CVE-2021-36226 was published | Feb 6, 2023

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection...
Critical | Unreviewed | CVE-2023-24276 was published | Feb 6, 2023

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical | Unreviewed | CVE-2023-24201 was published | Feb 6, 2023

Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the...
Critical | Unreviewed | CVE-2023-24202 was published | Feb 6, 2023

Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at...
Critical | Unreviewed | CVE-2023-24198 was published | Feb 6, 2023

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical | Unreviewed | CVE-2023-24200 was published | Feb 6, 2023

ProTip! Advisories are also available from the GraphQL API