Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

585 advisories

Loading
A vulnerability has been found in frontaccounting faplanet and classified as critical. This... Critical Unreviewed
CVE-2014-125080 was published Jan 16, 2023
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to... Critical Unreviewed
CVE-2022-48253 was published Jan 11, 2023
A vulnerability has been found in fabarea media_upload and classified as critical. This... Critical Unreviewed
CVE-2016-15017 was published Jan 10, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... Critical Unreviewed
CVE-2022-43514 was published Jan 10, 2023
A vulnerability classified as critical was found in hoffie larasync. This vulnerability affects... Critical Unreviewed
CVE-2015-10024 was published Jan 7, 2023
A vulnerability was found in stakira OpenUtau. It has been classified as critical. This affects... Critical Unreviewed
CVE-2022-4880 was published Jan 7, 2023
A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected... Critical Unreviewed
CVE-2019-25097 was published Jan 5, 2023
A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical.... Critical Unreviewed
CVE-2019-25098 was published Jan 5, 2023
A vulnerability has been found in AlliedModders AMX Mod X and classified as critical. This... Critical Unreviewed
CVE-2020-36639 was published Jan 4, 2023
The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as... Critical Unreviewed
CVE-2022-4298 was published Jan 3, 2023
A vulnerability was found in FlatPress. It has been classified as critical. This affects the... Critical Unreviewed
CVE-2022-4748 was published Dec 27, 2022
A vulnerability classified as critical has been found in Calsign APDE. This affects the function... Critical Unreviewed
CVE-2020-36628 was published Dec 25, 2022
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when... Critical Unreviewed
CVE-2022-4063 was published Dec 19, 2022
A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this... Critical Unreviewed
CVE-2022-4594 was published Dec 18, 2022
An improper limitation of a pathname to a restricted directory vulnerability was identified in... Critical Unreviewed
CVE-2022-46255 was published Dec 14, 2022
A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer.... Critical Unreviewed
CVE-2022-4494 was published Dec 14, 2022
Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the... Critical Unreviewed
CVE-2022-45290 was published Dec 9, 2022
Remote code execution vulnerability can be achieved by using cookie values as paths to a file by... Critical Unreviewed
CVE-2022-41158 was published Nov 25, 2022
Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress. Critical Unreviewed
CVE-2022-41840 was published Nov 18, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation or... Critical Unreviewed
CVE-2022-44006 was published Nov 17, 2022
A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects... Critical Unreviewed
CVE-2022-3940 was published Nov 11, 2022
A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by... Critical Unreviewed
CVE-2022-3939 was published Nov 11, 2022
Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0... Critical Unreviewed
CVE-2022-34822 was published Nov 9, 2022
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided... Critical Unreviewed
CVE-2022-41657 was published Nov 1, 2022
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives... Critical Unreviewed
CVE-2022-41772 was published Nov 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database