GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,458

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

56 advisories

Filter by severity

Sort by

Least recently updated

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code... High Unreviewed

CVE-2024-45826 was published Sep 12, 2024

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during... High Unreviewed

CVE-2024-6717 was published Jul 23, 2024

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple... High Unreviewed

CVE-2023-5247 was published Nov 30, 2023

A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.... High Unreviewed

CVE-2023-39542 was published Nov 27, 2023

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed

CVE-2023-40194 was published Nov 27, 2023

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed

CVE-2023-35985 was published Nov 27, 2023

A file write vulnerability exists in the OAS Engine configuration functionality of Open... High Unreviewed

CVE-2023-32615 was published Sep 5, 2023

Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed

CVE-2022-46869 was published Aug 31, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42893 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42733 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42734 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42891 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42732 was published Jul 6, 2023

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of... High Unreviewed

CVE-2023-3256 was published Jun 22, 2023

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a... High Unreviewed

CVE-2023-21097 was published Apr 19, 2023

An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register... High Unreviewed

CVE-2023-22616 was published Apr 12, 2023

A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... High Unreviewed

CVE-2022-43513 was published Jan 10, 2023

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an... High Unreviewed

CVE-2022-34669 was published Dec 31, 2022

An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the... High Unreviewed

CVE-2021-27406 was published Oct 14, 2022

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed

CVE-2022-2431 was published Sep 7, 2022

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and... High Unreviewed

CVE-2022-2633 was published Sep 7, 2022

In DreamServices, there is a possible way to launch arbitrary protected activities due to a... High Unreviewed

CVE-2022-20319 was published Aug 13, 2022

WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple... High Unreviewed

CVE-2016-0796 was published Jul 29, 2022

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to... High Unreviewed

CVE-2022-20223 was published Jul 14, 2022

ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name... High Unreviewed

CVE-2022-24241 was published Jun 3, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

56 advisories