Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

122 advisories

Loading
In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a... Moderate Unreviewed
CVE-2022-20199 was published Dec 20, 2022
A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.1. It has been... Critical Unreviewed
CVE-2022-4607 was published Dec 19, 2022
ILIAS before 7.16 allows External Control of File Name or Path. Moderate Unreviewed
CVE-2022-45918 was published Dec 7, 2022
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the... High Unreviewed
CVE-2021-27406 was published Oct 14, 2022
An externally controlled reference to a resource vulnerability has been reported to affect QNAP... Critical Unreviewed
CVE-2022-27593 was published Sep 9, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2022-2943 was published Sep 7, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed
CVE-2022-2431 was published Sep 7, 2022
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and... High Unreviewed
CVE-2022-2633 was published Sep 7, 2022
The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be... Moderate Unreviewed
CVE-2022-2638 was published Aug 29, 2022
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of... Moderate Unreviewed
CVE-2022-32761 was published Aug 23, 2022
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6... Moderate Unreviewed
CVE-2022-28710 was published Aug 23, 2022
In DreamServices, there is a possible way to launch arbitrary protected activities due to a... High Unreviewed
CVE-2022-20319 was published Aug 13, 2022
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area),... Critical Unreviewed
CVE-2022-20239 was published Aug 11, 2022
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple... High Unreviewed
CVE-2016-0796 was published Jul 29, 2022
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50.... Moderate Unreviewed
CVE-2015-10003 was published Jul 18, 2022
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote... Moderate Unreviewed
CVE-2022-30245 was published Jul 16, 2022
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to... High Unreviewed
CVE-2022-20223 was published Jul 14, 2022
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name... High Unreviewed
CVE-2022-24241 was published Jun 3, 2022
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-30190 was published Jun 2, 2022
In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files... High Unreviewed
CVE-2021-0708 was published May 24, 2022
In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a... High Unreviewed
CVE-2021-0593 was published May 24, 2022
In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to... High Unreviewed
CVE-2021-0591 was published May 24, 2022
An arbitrary file deletion vulnerability exists within Maccms10. Moderate Unreviewed
CVE-2020-21363 was published May 24, 2022
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to... Moderate Unreviewed
CVE-2020-23171 was published May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to... High Unreviewed
CVE-2021-32576 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database