GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,189; Erlang 31; GitHub Actions 19; Go 1,985; Maven 5,000+; npm 3,701; NuGet 657; pip 3,326; Pub 11; RubyGems 882; Rust 836; Swift 35
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
813 advisories
The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Code Execution in...
Moderate | Unreviewed | CVE-2023-4994 was published Sep 16, 2023

SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript...
Moderate | Unreviewed | CVE-2023-40621 was published Sep 13, 2023

Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and...
Moderate | Unreviewed | CVE-2023-38484 was published Sep 6, 2023

An issue has been discovered in GitLab affecting all versions before 16.0.8, all versions...
Moderate | Unreviewed | CVE-2023-3401 was published Aug 2, 2023

Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti...
Moderate | Unreviewed | CVE-2022-42045 was published Jul 13, 2023

Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. If...
Moderate | Unreviewed | CVE-2023-32546 was published Jun 13, 2023

Code Injection in GitHub repository openemr/openemr prior to 7.0.1.
Moderate | Unreviewed | CVE-2023-2943 was published May 28, 2023

A vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2023-2928 was published May 27, 2023

An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all...
Moderate | Unreviewed | CVE-2023-1178 was published May 4, 2023

An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via...
Moderate | Unreviewed | CVE-2023-26782 was published Apr 28, 2023

A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects...
Moderate | Unreviewed | CVE-2023-2056 was published Apr 14, 2023

In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non...
Moderate | Unreviewed | CVE-2023-27897 was published Apr 11, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2,...
Moderate | Unreviewed | CVE-2022-3960 was published Apr 3, 2023

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA...
Moderate | Unreviewed | CVE-2022-20686 was published Dec 12, 2022

The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an...
Moderate | Unreviewed | CVE-2022-41223 was published Nov 22, 2022

SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful...
Moderate | Unreviewed | CVE-2022-41205 was published Nov 9, 2022

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through...
Moderate | Unreviewed | CVE-2022-43572 was published Nov 5, 2022

Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
Moderate | Unreviewed | CVE-2022-2014 was published Jun 10, 2022

The Loco Translate WordPress plugin before 2.5.4 mishandles data inputs which get saved to a file...
Moderate | Unreviewed | CVE-2021-24721 was published May 24, 2022

An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0...
Moderate | Unreviewed | CVE-2021-42754 was published May 24, 2022

MaianAffiliate v.1.0 suffers from code injection by adding a new product via the admin panel....
Moderate | Unreviewed | CVE-2021-39402 was published May 24, 2022

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code...
Moderate | Unreviewed | CVE-2021-3615 was published May 24, 2022

A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache...
Moderate | Unreviewed | CVE-2019-14827 was published May 24, 2022

SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to...
Moderate | Unreviewed | CVE-2021-27611 was published May 24, 2022

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up...
Moderate | Unreviewed | CVE-2021-22204 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.