Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,384 advisories

Loading
EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented... Critical Unreviewed
CVE-2022-39185 was published Jan 12, 2023
A vulnerability, which was classified as critical, has been found in SourceCodester Online Flight... Critical Unreviewed
CVE-2023-0245 was published Jan 12, 2023
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to... Critical Unreviewed
CVE-2022-48253 was published Jan 11, 2023
A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function... Critical Unreviewed
CVE-2023-0243 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... Critical Unreviewed
CVE-2017-16325 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... Critical Unreviewed
CVE-2017-16295 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... Critical Unreviewed
CVE-2017-16296 was published Jan 12, 2023
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP... Critical Unreviewed
CVE-2018-18439 was published May 14, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before... Critical Unreviewed
CVE-2016-4174 was published May 14, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before... Critical Unreviewed
CVE-2016-4173 was published May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free... Critical Unreviewed
CVE-2017-3001 was published May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption... Critical Unreviewed
CVE-2017-2999 was published May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free... Critical Unreviewed
CVE-2017-3003 was published May 14, 2022
The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be... Critical Unreviewed
CVE-2022-4060 was published Jan 16, 2023
The Images Optimize and Upload CF7 WordPress plugin through 2.1.4 does not validate the file to... Critical Unreviewed
CVE-2022-4101 was published Jan 16, 2023
A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This... Critical Unreviewed
CVE-2014-125077 was published Jan 15, 2023
A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp.... Critical Unreviewed
CVE-2022-4890 was published Jan 16, 2023
A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical.... Critical Unreviewed
CVE-2015-10057 was published Jan 16, 2023
A vulnerability was found in 2071174A vinylmap. It has been classified as critical. Affected is... Critical Unreviewed
CVE-2015-10056 was published Jan 16, 2023
The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter... Critical Unreviewed
CVE-2022-4447 was published Jan 16, 2023
A vulnerability, which was classified as critical, has been found in risheesh debutsav. This... Critical Unreviewed
CVE-2014-125081 was published Jan 18, 2023
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass... Critical Unreviewed
CVE-2019-13360 was published May 24, 2022
A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14... Critical Unreviewed
CVE-2015-10062 was published Jan 17, 2023
A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as... Critical Unreviewed
CVE-2015-10064 was published Jan 17, 2023
A vulnerability classified as critical was found in AenBleidd FiND. This vulnerability affects... Critical Unreviewed
CVE-2015-10065 was published Jan 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database