GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,457 advisories

The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and...
Critical · Unreviewed · CVE-2022-40202 was published Nov 1, 2022

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize network...
Critical · Unreviewed · CVE-2022-41779 was published Nov 1, 2022

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the...
Critical · Unreviewed · CVE-2022-40289 was published Nov 1, 2022

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user...
Critical · Unreviewed · CVE-2022-40288 was published Nov 1, 2022

The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS)...
Critical · Unreviewed · CVE-2022-40287 was published Nov 1, 2022

The application was vulnerable to a session fixation that could be used to hijack accounts.
Critical · Unreviewed · CVE-2022-40293 was published Nov 1, 2022

The application was vulnerable to Server-Side Request Forgery attacks, allowing the backend...
Critical · Unreviewed · CVE-2022-40296 was published Nov 1, 2022

Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on...
Critical · Unreviewed · CVE-2022-41552 was published Nov 1, 2022

lesspipe before 2.06 allows attackers to execute code via Perl Storable (pst) files, because of...
Critical · Unreviewed · CVE-2022-44542 was published Nov 1, 2022

In affected versions of Octopus Server where access is managed by an external authentication...
Critical · Unreviewed · CVE-2022-2572 was published Nov 1, 2022

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as...
Critical · Unreviewed · CVE-2020-21016 was published Oct 31, 2022

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload...
Critical · Unreviewed · CVE-2022-40471 was published Oct 31, 2022

The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and...
Critical · Unreviewed · CVE-2022-3254 was published Oct 31, 2022

xfig 3.2.7 is vulnerable to Buffer Overflow.
Critical · Unreviewed · CVE-2021-40241 was published Oct 31, 2022

A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical....
Critical · Unreviewed · CVE-2022-3774 was published Oct 31, 2022

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a...
Critical · Unreviewed · CVE-2022-42915 was published Oct 30, 2022

Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an...
Critical · Unreviewed · CVE-2021-42777 was published Oct 29, 2022

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory...
Critical · Unreviewed · CVE-2022-43286 was published Oct 29, 2022

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8,...
Critical · Unreviewed · CVE-2022-2826 was published Oct 29, 2022

Impact varies for each individual vulnerability in the application. For generation of accounts,...
Critical · Unreviewed · CVE-2022-3741 was published Oct 28, 2022

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical · Unreviewed · CVE-2022-37425 was published Oct 28, 2022

Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the reports_id...
Critical · Unreviewed · CVE-2022-43168 was published Oct 28, 2022

The HEIDENHAIN Controller TNC 640, version 340590 07 SP5, running HEROS 5.08.3 controlling the...
Critical · Unreviewed · CVE-2022-41648 was published Oct 28, 2022

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php.
Critical · Unreviewed · CVE-2021-38731 was published Oct 28, 2022

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php.
Critical · Unreviewed · CVE-2021-38729 was published Oct 28, 2022

ProTip! Advisories are also available from the GraphQL API.