GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
606 advisories
A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical....
CVE-2019-25098 (Critical, Unreviewed) was published Jan 5, 2023

A vulnerability has been found in AlliedModders AMX Mod X and classified as critical. This...
CVE-2020-36639 (Critical, Unreviewed) was published Jan 4, 2023

The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as...
CVE-2022-4298 (Critical, Unreviewed) was published Jan 3, 2023

A vulnerability was found in FlatPress. It has been classified as critical. This affects the...
CVE-2022-4748 (Critical, Unreviewed) was published Dec 27, 2022

A vulnerability classified as critical has been found in Calsign APDE. This affects the function...
CVE-2020-36628 (Critical, Unreviewed) was published Dec 25, 2022

The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when...
CVE-2022-4063 (Critical, Unreviewed) was published Dec 19, 2022

A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this...
CVE-2022-4594 (Critical, Unreviewed) was published Dec 18, 2022

An improper limitation of a pathname to a restricted directory vulnerability was identified in...
CVE-2022-46255 (Critical, Unreviewed) was published Dec 14, 2022

A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer....
CVE-2022-4494 (Critical, Unreviewed) was published Dec 14, 2022

Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the...
CVE-2022-45290 (Critical, Unreviewed) was published Dec 9, 2022

Remote code execution vulnerability can be achieved by using cookie values as paths to a file by...
CVE-2022-41158 (Critical, Unreviewed) was published Nov 25, 2022

Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress.
CVE-2022-41840 (Critical, Unreviewed) was published Nov 18, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation or...
CVE-2022-44006 (Critical, Unreviewed) was published Nov 17, 2022

A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects...
CVE-2022-3940 (Critical, Unreviewed) was published Nov 11, 2022

A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by...
CVE-2022-3939 (Critical, Unreviewed) was published Nov 11, 2022

Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0...
CVE-2022-34822 (Critical, Unreviewed) was published Nov 9, 2022

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided...
CVE-2022-41657 (Critical, Unreviewed) was published Nov 1, 2022

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives...
CVE-2022-41772 (Critical, Unreviewed) was published Nov 1, 2022

A directory traversal vulnerability exists in the web_server /ajax/remove/ functionality of...
CVE-2022-33897 (Critical, Unreviewed) was published Oct 25, 2022

This vulnerability could allow a remote attacker to execute remote commands with improper...
CVE-2022-23770 (Critical, Unreviewed) was published Oct 17, 2022

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an...
CVE-2022-38418 (Critical, Unreviewed) was published Oct 15, 2022

Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered...
CVE-2022-28814 (Critical, Unreviewed) was published Sep 29, 2022

Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient...
CVE-2022-39033 (Critical, Unreviewed) was published Sep 29, 2022

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload...
CVE-2022-41352 (Critical, Unreviewed) was published Sep 27, 2022

This vulnerability of SecureGate is SQL-Injection using login without password. A path traversal...
CVE-2022-23767 (Critical, Unreviewed) was published Sep 20, 2022
ProTip! Advisories are also available from the GraphQL API.