GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,000
Composer 4,298
Erlang 31
GitHub Actions 21
Go 2,063
Maven 5,240
npm 3,744
NuGet 668
pip 3,424
Pub 12
RubyGems 892
Rust 876
Swift 36

Unreviewed advisories

All unreviewed 239,826

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability, which was classified as critical, has been found in SourceCodester Resort... Moderate Unreviewed

CVE-2023-4191 was published Aug 7, 2023

A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This... High Unreviewed

CVE-2023-3643 was published Jul 12, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42893 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42732 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42734 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42891 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42733 was published Jul 6, 2023

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of... High Unreviewed

CVE-2023-3256 was published Jun 22, 2023

Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A... High Unreviewed

CVE-2023-28603 was published Jun 13, 2023

A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... Moderate Unreviewed

CVE-2023-0008 was published May 10, 2023

External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. High Unreviewed

CVE-2023-2554 was published May 5, 2023

A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0... Moderate Unreviewed

CVE-2023-2152 was published Apr 18, 2023

The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in... Moderate Unreviewed

CVE-2021-4332 was published Mar 7, 2023

External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. High Unreviewed

CVE-2023-1105 was published Mar 1, 2023

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an... Moderate Unreviewed

CVE-2023-0003 was published Feb 8, 2023

A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... High Unreviewed

CVE-2022-43513 was published Jan 10, 2023

A vulnerability, which was classified as problematic, has been found in sternenseemann... Critical Unreviewed

CVE-2014-125059 was published Jan 7, 2023

A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This... Critical Unreviewed

CVE-2014-125044 was published Jan 5, 2023

The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2022-2943 was published Sep 7, 2022

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed

CVE-2022-2431 was published Sep 7, 2022

The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be... Moderate Unreviewed

CVE-2022-2638 was published Aug 29, 2022

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of... Moderate Unreviewed

CVE-2022-32761 was published Aug 23, 2022

An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6... Moderate Unreviewed

CVE-2022-28710 was published Aug 23, 2022

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of... Moderate Unreviewed

CVE-2022-34765 was published Jul 14, 2022

There are multiple API function codes that permit reading and writing data to or from files and... Critical Unreviewed

CVE-2021-38477 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

106 advisories