GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,331
Erlang: 31
GitHub Actions: 21
Go: 2,093
Maven: 5,000+
npm: 3,756
NuGet: 678
pip: 3,443
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
24,349 advisories
A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an...
Critical, Unreviewed. CVE-2023-1416 was published Mar 15, 2023

A command injection vulnerability is present that permits an unauthenticated user with access to...
Critical, Unreviewed. CVE-2018-7084 was published May 24, 2022

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0...
Critical, Unreviewed. CVE-2023-26511 was published Mar 14, 2023

Microsoft Outlook Elevation of Privilege Vulnerability
Critical, Unreviewed. CVE-2023-23397 was published Mar 14, 2023

Zenario CMS is vulnerable to Remote Code Execution (RCE).
Critical. CVE-2022-44136 was published for tribalsystems/zenario (Composer) Nov 30, 2022

The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure...
Critical, Unreviewed. CVE-2023-28667 was published Mar 22, 2023

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
Critical, Unreviewed. CVE-2019-7276 was published May 24, 2022

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web...
Critical, Unreviewed. CVE-2022-23178 was published Jan 16, 2022

baserCMS File Uploader Remote Code Execution (RCE) vulnerability
Critical. CVE-2023-25654 was published for baserproject/basercms (Composer) Mar 23, 2023

baserCMS allows any file to be uploaded
Critical. CVE-2023-25655 was published for baserproject/basercms (Composer) Mar 23, 2023

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection...
Critical, Unreviewed. CVE-2022-28497 was published Mar 23, 2023

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2
Critical, Unreviewed. CVE-2023-24468 was published Mar 16, 2023

code-server vulnerable to Missing Origin Validation in WebSockets
Critical. CVE-2023-26114 was published for code-server (npm) Mar 23, 2023

TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation
Critical. CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023

Command injection in itext7-core
Critical. CVE-2021-43113 was published for com.itextpdf:itext7-core (Maven) Dec 16, 2021

A vulnerability classified as critical has been found in SourceCodester Automatic Question Paper...
Critical, Unreviewed. CVE-2023-1591 was published Mar 23, 2023

patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is...
Critical, Unreviewed. CVE-2022-37109 was published Nov 15, 2022

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version...
Critical, Unreviewed. CVE-2022-40684 was published Oct 18, 2022

A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)...
Critical, Unreviewed. CVE-2023-24080 was published Feb 22, 2023

HGiga OAKlouds file uploading function does not restrict upload of file with dangerous type. An...
Critical, Unreviewed. CVE-2023-25909 was published Mar 27, 2023

An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to...
Critical, Unreviewed. CVE-2023-25344 was published Mar 15, 2023

SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752,...
Critical, Unreviewed. CVE-2023-27501 was published Mar 14, 2023

An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1...
Critical, Unreviewed. CVE-2023-27757 was published Mar 15, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Gadget Works...
Critical, Unreviewed. CVE-2023-1358 was published Mar 12, 2023

A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability...
Critical, Unreviewed. CVE-2023-1368 was published Mar 13, 2023
ProTip! Advisories are also available from the GraphQL API.