Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

129 advisories

Loading
timber/timber vulnerable to Deserialization of Untrusted Data High
CVE-2024-29800 was published for timber/timber (Composer) Apr 12, 2024
Sonicrrrr dennisenderink
Windows Compressed Folder Tampering Vulnerability Moderate Unreviewed
CVE-2024-26185 was published Mar 12, 2024
Windows HTML Platforms Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-20652 was published Jan 9, 2024
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42734 was published Jul 6, 2023
The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote... Critical Unreviewed
CVE-2023-4634 was published Sep 6, 2023
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3... High Unreviewed
CVE-2024-31492 was published Apr 10, 2024
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... High Unreviewed
CVE-2022-43513 was published Jan 10, 2023
Voilà Local file inclusion High
CVE-2024-30265 was published for voila (pip) Apr 3, 2024
ericfinger trungleduc
martinRenou Carreau
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated... High Unreviewed
CVE-2023-43074 was published Oct 23, 2023
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in... High Unreviewed
CVE-2023-36634 was published Sep 13, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open... High Unreviewed
CVE-2023-32615 was published Sep 5, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42893 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42891 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42732 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42733 was published Jul 6, 2023
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of... High Unreviewed
CVE-2023-3256 was published Jun 22, 2023
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... Moderate Unreviewed
CVE-2023-0008 was published May 10, 2023
A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of... Moderate Unreviewed
CVE-2024-22178 was published Apr 3, 2024
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open... Moderate Unreviewed
CVE-2024-21870 was published Apr 3, 2024
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed
CVE-2020-36772 was published Jan 22, 2024
A vulnerability was found in Campcodes House Rental Management System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-2917 was published Mar 27, 2024
PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_file High
CVE-2024-1603 was published for paddlepaddle (pip) Mar 23, 2024
GeoServer Arbitrary file renaming vulnerability in REST Coverage/Data Store API Moderate
CVE-2024-23634 was published for org.geoserver:gs-restconfig (Maven) Mar 20, 2024
sikeoka
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message... Moderate Unreviewed
CVE-2023-47147 was published Mar 15, 2024
IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and... Moderate Unreviewed
CVE-2023-26282 was published Mar 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database