Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
Embedded malware in ua-parser-js High
GHSA-pjwm-rvh2-c87w was published for ua-parser-js (npm) Oct 22, 2021
xtqqczze
An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and... Critical Unreviewed
CVE-2021-43987 was published Dec 24, 2021
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored... Critical Unreviewed
CVE-2021-24867 was published Feb 22, 2022
Hidden functionality in node-ipc Low
GHSA-8gr3-2gjw-jj7g was published for node-ipc (npm) Mar 16, 2022
The affected product is vulnerable due to an undocumented interface found on the device, which... High Unreviewed
CVE-2020-16204 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12504 was published May 24, 2022
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF... High Unreviewed
CVE-2021-25371 was published May 24, 2022
A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This... High Unreviewed
CVE-2021-4229 was published May 25, 2022
Malware in ctx Critical
GHSA-4g82-3jcr-q52w was published for ctx (pip) May 25, 2022
The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application... High Unreviewed
CVE-2022-1741 was published Jun 25, 2022
On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot... Critical Unreviewed
CVE-2022-3203 was published Oct 21, 2022
sweetalert2 v11.4.9 and above contains hidden functionality Low
GHSA-qq6h-5g6j-q3cm was published for sweetalert2 (npm) Nov 23, 2022
limonte Humni
sweetalert2 v10.16.10 and above contains hidden functionality Low
GHSA-457r-cqc8-9vj9 was published for sweetalert2 (npm) Nov 23, 2022
Humni
sweetalert2 v9.17.4 and above contains hidden functionality Low
GHSA-pg98-6v7f-2xfv was published for sweetalert2 (npm) Nov 23, 2022
sweetalert2 v8.19.1 and above contains hidden functionality Low
GHSA-8jh9-wqpf-q52c was published for sweetalert2 (npm) Nov 23, 2022
Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code... Critical Unreviewed
CVE-2022-46997 was published Dec 14, 2022
vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code... Critical Unreviewed
CVE-2022-46996 was published Dec 14, 2022
Hidden functionality vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1... Moderate Unreviewed
CVE-2023-22316 was published Jan 17, 2023
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super... Critical Unreviewed
CVE-2022-47767 was published Jan 26, 2023
In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration... Critical Unreviewed
CVE-2022-3843 was published Feb 16, 2023
MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution... Critical Unreviewed
CVE-2023-24108 was published Feb 22, 2023
Moodle has a Hidden Functionality vulnerability Moderate
CVE-2021-36403 was published for moodle/moodle (Composer) Mar 7, 2023
A command execution vulnerability exists in the ubus backend communications functionality of... High Unreviewed
CVE-2022-36429 was published Mar 21, 2023
A command execution vulnerability exists in the hidden telnet service functionality of Netgear... High Unreviewed
CVE-2022-38452 was published Mar 21, 2023
In Snap One OvrC Pro versions prior to 7.2, when logged into the... High Unreviewed
CVE-2023-25183 was published May 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database