GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
26,865 advisories
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade...
Critical | Unreviewed | CVE-2021-36226 was published Feb 6, 2023
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection...
Critical | Unreviewed | CVE-2023-24276 was published Feb 6, 2023
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical | Unreviewed | CVE-2023-24201 was published Feb 6, 2023
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical | Unreviewed | CVE-2023-24199 was published Feb 6, 2023
Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at...
Critical | Unreviewed | CVE-2023-24198 was published Feb 6, 2023
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical | Unreviewed | CVE-2023-24200 was published Feb 6, 2023
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the...
Critical | Unreviewed | CVE-2023-24202 was published Feb 6, 2023
A vulnerability has been found in Gimmie Plugin 1.2.2 and classified as critical. Affected by...
Critical | Unreviewed | CVE-2014-125086 was published Feb 6, 2023
A vulnerability, which was classified as critical, was found in Gimmie Plugin 1.2.2. Affected is...
Critical | Unreviewed | CVE-2014-125085 was published Feb 6, 2023
A vulnerability, which was classified as critical, has been found in Gimmie Plugin 1.2.2. This...
Critical | Unreviewed | CVE-2014-125084 was published Feb 6, 2023
Header injection in TurboGears
Critical | CVE-2019-25101 was published for TurboGears (pip) Feb 4, 2023
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0....
Critical | Unreviewed | CVE-2023-0673 was published Feb 4, 2023
A vulnerability was found in fanzila WebFinance 0.5. It has been classified as critical. Affected...
Critical | Unreviewed | CVE-2013-10017 was published Feb 4, 2023
A vulnerability was found in fanzila WebFinance 0.5. It has been declared as critical. Affected...
Critical | Unreviewed | CVE-2013-10018 was published Feb 4, 2023
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution...
Critical | Unreviewed | CVE-2023-24576 was published Feb 3, 2023
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute...
Critical | Unreviewed | CVE-2023-23477 was published Feb 3, 2023
A vulnerability has been found in fanzila WebFinance 0.5 and classified as critical. This...
Critical | Unreviewed | CVE-2013-10015 was published Feb 3, 2023
A vulnerability was found in fanzila WebFinance 0.5 and classified as critical. This issue...
Critical | Unreviewed | CVE-2013-10016 was published Feb 3, 2023
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up...
Critical | Unreviewed | CVE-2022-31733 was published Feb 3, 2023
XML External Entity (XXE) vulnerability in Talend Remote Engine Gen 2 before R2022-09.
Critical | Unreviewed | CVE-2022-45588 was published Feb 3, 2023
A vulnerability was found in Calendar Event Management System 1.0. It has been rated as critical....
Critical | Unreviewed | CVE-2023-0663 was published Feb 3, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2023-24138 was published Feb 3, 2023
A command injection vulnerability in the version parameter in the function...
Critical | Unreviewed | CVE-2023-24153 was published Feb 3, 2023
A command injection vulnerability in the serverIp parameter in the function meshSlaveDlfw of...
Critical | Unreviewed | CVE-2023-24150 was published Feb 3, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2023-24144 was published Feb 3, 2023
ProTip! Advisories are also available from the GraphQL API.