GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
118 advisories
Filter by severity
An externally controlled reference to a resource vulnerability has been reported to affect QNAP...
Critical
Unreviewed
CVE-2022-27593
was published
Sep 9, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up...
High
Unreviewed
CVE-2022-2431
was published
Sep 7, 2022
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and...
High
Unreviewed
CVE-2022-2633
was published
Sep 7, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary...
Moderate
Unreviewed
CVE-2022-2943
was published
Sep 7, 2022
The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be...
Moderate
Unreviewed
CVE-2022-2638
was published
Aug 29, 2022
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of...
Moderate
Unreviewed
CVE-2022-32761
was published
Aug 23, 2022
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6...
Moderate
Unreviewed
CVE-2022-28710
was published
Aug 23, 2022
In DreamServices, there is a possible way to launch arbitrary protected activities due to a...
High
Unreviewed
CVE-2022-20319
was published
Aug 13, 2022
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area),...
Critical
Unreviewed
CVE-2022-20239
was published
Aug 11, 2022
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple...
High
Unreviewed
CVE-2016-0796
was published
Jul 29, 2022
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50....
Moderate
Unreviewed
CVE-2015-10003
was published
Jul 18, 2022
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote...
Moderate
Unreviewed
CVE-2022-30245
was published
Jul 16, 2022
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to...
High
Unreviewed
CVE-2022-20223
was published
Jul 14, 2022
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name...
High
Unreviewed
CVE-2022-24241
was published
Jun 3, 2022
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-30190
was published
Jun 2, 2022
In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files...
High
Unreviewed
CVE-2021-0708
was published
May 24, 2022
In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to...
High
Unreviewed
CVE-2021-0591
was published
May 24, 2022
In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a...
High
Unreviewed
CVE-2021-0593
was published
May 24, 2022
An arbitrary file deletion vulnerability exists within Maccms10.
Moderate
Unreviewed
CVE-2020-21363
was published
May 24, 2022
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to...
Moderate
Unreviewed
CVE-2020-23171
was published
May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to...
High
Unreviewed
CVE-2021-32576
was published
May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to...
High
Unreviewed
CVE-2021-32578
was published
May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting...
High
Unreviewed
CVE-2021-22420
was published
May 24, 2022
In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a...
Moderate
Unreviewed
CVE-2021-0599
was published
May 24, 2022
A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built...
Moderate
Unreviewed
CVE-2021-29965
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API