GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,649 advisories
Filter by severity
EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented...
Critical
Unreviewed
CVE-2022-39185
was published
Jan 12, 2023
A vulnerability, which was classified as critical, has been found in SourceCodester Online Flight...
Critical
Unreviewed
CVE-2023-0245
was published
Jan 12, 2023
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to...
Critical
Unreviewed
CVE-2022-48253
was published
Jan 11, 2023
A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function...
Critical
Unreviewed
CVE-2023-0243
was published
Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
Critical
Unreviewed
CVE-2017-16325
was published
Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
Critical
Unreviewed
CVE-2017-16295
was published
Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
Critical
Unreviewed
CVE-2017-16296
was published
Jan 12, 2023
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP...
Critical
Unreviewed
CVE-2018-18439
was published
May 14, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before...
Critical
Unreviewed
CVE-2016-4173
was published
May 14, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before...
Critical
Unreviewed
CVE-2016-4174
was published
May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption...
Critical
Unreviewed
CVE-2017-2999
was published
May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free...
Critical
Unreviewed
CVE-2017-3003
was published
May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free...
Critical
Unreviewed
CVE-2017-3001
was published
May 14, 2022
The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be...
Critical
Unreviewed
CVE-2022-4060
was published
Jan 16, 2023
The Images Optimize and Upload CF7 WordPress plugin through 2.1.4 does not validate the file to...
Critical
Unreviewed
CVE-2022-4101
was published
Jan 16, 2023
A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp....
Critical
Unreviewed
CVE-2022-4890
was published
Jan 16, 2023
A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This...
Critical
Unreviewed
CVE-2014-125077
was published
Jan 15, 2023
A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical....
Critical
Unreviewed
CVE-2015-10057
was published
Jan 16, 2023
The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter...
Critical
Unreviewed
CVE-2022-4447
was published
Jan 16, 2023
A vulnerability was found in 2071174A vinylmap. It has been classified as critical. Affected is...
Critical
Unreviewed
CVE-2015-10056
was published
Jan 16, 2023
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass...
Critical
Unreviewed
CVE-2019-13360
was published
May 24, 2022
A vulnerability, which was classified as critical, has been found in risheesh debutsav. This...
Critical
Unreviewed
CVE-2014-125081
was published
Jan 18, 2023
A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14...
Critical
Unreviewed
CVE-2015-10062
was published
Jan 17, 2023
A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as...
Critical
Unreviewed
CVE-2015-10064
was published
Jan 17, 2023
A vulnerability classified as critical has been found in PrivateSky apersistence. This affects an...
Critical
Unreviewed
CVE-2017-20171
was published
Jan 18, 2023
ProTip!
Advisories are also available from the
GraphQL API