Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

107,805 advisories

Loading
Improper Input Validation in yargs-parser Moderate Unreviewed
GHSA-ghmj-crg5-xw2j was published Feb 15, 2022
An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka ... Moderate Unreviewed
CVE-2020-0905 was published May 24, 2022
An open redirect vulnerability exists in Nagios XI before version 5.8.5 that could lead to... Moderate Unreviewed
CVE-2021-37352 was published May 24, 2022
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted... Moderate Unreviewed
CVE-2019-20021 was published May 24, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95.... Moderate Unreviewed
CVE-2019-20051 was published May 24, 2022
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0... Moderate Unreviewed
CVE-2019-9892 was published May 24, 2022
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows... Moderate Unreviewed
CVE-2022-47102 was published Jan 13, 2023
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to... Moderate Unreviewed
CVE-2023-20525 was published Jan 11, 2023
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community... Moderate Unreviewed
CVE-2019-10067 was published May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... Moderate Unreviewed
CVE-2022-3573 was published Jan 12, 2023
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. Moderate Unreviewed
CVE-2019-20176 was published May 24, 2022
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c... Moderate Unreviewed
CVE-2019-20096 was published May 24, 2022
A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student... Moderate Unreviewed
CVE-2022-46503 was published Jan 12, 2023
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's... Moderate Unreviewed
CVE-2022-42895 was published Nov 23, 2022
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... Moderate Unreviewed
CVE-2017-16264 was published Jan 12, 2023
An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used... Moderate Unreviewed
CVE-2021-46872 was published Jan 13, 2023
A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2.... Moderate Unreviewed
CVE-2009-10001 was published Jan 13, 2023
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src... Moderate Unreviewed
CVE-2013-0899 was published May 14, 2022
The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the... Moderate Unreviewed
CVE-2022-3904 was published Jan 16, 2023
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This... Moderate Unreviewed
CVE-2022-42284 was published Jan 13, 2023
A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-0327 was published Jan 16, 2023
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote... Moderate Unreviewed
CVE-2022-39195 was published Jan 17, 2023
The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize... Moderate Unreviewed
CVE-2022-4442 was published Jan 16, 2023
Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its... Moderate Unreviewed
CVE-2022-4464 was published Jan 16, 2023
The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2022-4330 was published Jan 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database