Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

172 advisories

Loading
A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0... Moderate Unreviewed
CVE-2023-2152 was published Apr 18, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register... High Unreviewed
CVE-2023-22616 was published Apr 12, 2023
In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a... High Unreviewed
CVE-2023-20964 was published Mar 24, 2023
A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5,... Critical Unreviewed
CVE-2022-39952 was published Feb 16, 2023
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an... Moderate Unreviewed
CVE-2023-0003 was published Feb 8, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... High Unreviewed
CVE-2022-43513 was published Jan 10, 2023
A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This... Critical Unreviewed
CVE-2014-125044 was published Jan 5, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an... High Unreviewed
CVE-2022-34669 was published Dec 31, 2022
When receiving an HTML email that contained an <code>iframe</code> element, which used a <code... Moderate Unreviewed
CVE-2022-3032 was published Dec 22, 2022
In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve... Moderate Unreviewed
CVE-2022-20515 was published Dec 20, 2022
In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a... High Unreviewed
CVE-2022-20550 was published Dec 20, 2022
In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a... Moderate Unreviewed
CVE-2022-20199 was published Dec 20, 2022
A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.1. It has been... Critical Unreviewed
CVE-2022-4607 was published Dec 19, 2022
ILIAS before 7.16 allows External Control of File Name or Path. Moderate Unreviewed
CVE-2022-45918 was published Dec 7, 2022
Agent-to-controller security bypass vulnerability in Jenkins BMC Compuware Source Code Download for Endevor, PDS, and ISPW Plugin Moderate
CVE-2022-43423 was published for com.compuware.jenkins:compuware-scm-downloader (Maven) Oct 19, 2022
NotMyFault
Agent-to-controller security bypass vulnerabilities in Jenkins Compuware Topaz for Total Test Plugin High
CVE-2022-43428 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
NotMyFault
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the... High Unreviewed
CVE-2021-27406 was published Oct 14, 2022
An externally controlled reference to a resource vulnerability has been reported to affect QNAP... Critical Unreviewed
CVE-2022-27593 was published Sep 9, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed
CVE-2022-2431 was published Sep 7, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2022-2943 was published Sep 7, 2022
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and... High Unreviewed
CVE-2022-2633 was published Sep 7, 2022
The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be... Moderate Unreviewed
CVE-2022-2638 was published Aug 29, 2022
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of... Moderate Unreviewed
CVE-2022-32761 was published Aug 23, 2022
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6... Moderate Unreviewed
CVE-2022-28710 was published Aug 23, 2022
In DreamServices, there is a possible way to launch arbitrary protected activities due to a... High Unreviewed
CVE-2022-20319 was published Aug 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database