GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,290
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,743
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
24,086 advisories
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,...
Critical, Unreviewed. CVE-2017-18017 was published on Apr 30, 2022
Apache MINA Deserialization RCE Vulnerability
Critical. CVE-2024-52046 was published for org.apache.mina:mina-core (Maven) on Dec 25, 2024
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an...
Critical, Unreviewed. CVE-2023-38429 was published on Jul 18, 2023
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP...
Critical, Unreviewed. CVE-2016-10229 was published on May 17, 2022
Apache Struts file upload logic is flawed
Critical. CVE-2024-53677 was published for org.apache.struts:struts2-core (Maven) on Dec 11, 2024
Moxa’s cellular routers, secure routers, and network security appliances are affected by a...
Critical, Unreviewed. CVE-2024-9140 was published on Jan 3, 2025
iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive...
Critical, Unreviewed. CVE-2025-22275 was published on Jan 3, 2025
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability.
Critical, Unreviewed. CVE-2022-37968 was published on Oct 12, 2022
An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB...
Critical, Unreviewed. CVE-2024-55081 was published on Dec 19, 2024
Windows Network File System Remote Code Execution Vulnerability.
Critical, Unreviewed. CVE-2022-30136 was published on Jun 16, 2022
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE...
Critical, Unreviewed. CVE-2022-22012 was published on May 11, 2022
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE...
Critical, Unreviewed. CVE-2022-29130 was published on May 11, 2022
Windows Network File System Remote Code Execution Vulnerability.
Critical, Unreviewed. CVE-2022-26937 was published on May 11, 2022
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote...
Critical, Unreviewed. CVE-2024-7024 was published on Sep 24, 2024
Apache HugeGraph-Server: Fixed JWT Token (Secret)
Critical. CVE-2024-43441 was published for org.apache.hugegraph:hugegraph-server (Maven) on Dec 24, 2024
path-sanitizer allows bypassing the existing filters to achieve path-traversal vulnerability
Critical. CVE-2024-56198 was published for path-sanitizer (npm) on Jan 2, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows...
Critical, Unreviewed. CVE-2024-56249 was published on Jan 2, 2025
Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a ...
Critical, Unreviewed. CVE-2024-56829 was published on Jan 2, 2025
The Electronic Official Document Management System from 2100 Technology has an Authentication...
Critical, Unreviewed. CVE-2024-13061 was published on Dec 31, 2024
SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function...
Critical, Unreviewed. CVE-2024-55461 was published on Dec 19, 2024
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid...
Critical, Unreviewed. CVE-2024-56431 was published on Dec 25, 2024
SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...
Critical, Unreviewed. CVE-2024-50713 was published on Dec 27, 2024
The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API...
Critical, Unreviewed. CVE-2024-11972 was published on Dec 31, 2024
A potential security vulnerability has been identified for certain HP multifunction printers ...
Critical, Unreviewed. CVE-2023-1329 was published on Jun 14, 2023
An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a...
Critical, Unreviewed. CVE-2024-54983 was published on Dec 20, 2024
ProTip! Advisories are also available from the GraphQL API.