GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,669
Erlang: 34
GitHub Actions: 26
Go: 2,262
Maven: 5,000+
npm: 3,912
NuGet: 705
pip: 3,681
Pub: 12
RubyGems: 916
Rust: 943
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,139 advisories

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical, Unreviewed, CVE-2022-33312 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical, Unreviewed, CVE-2022-33314 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical, Unreviewed, CVE-2022-33313 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical, Unreviewed, CVE-2022-33326 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical, Unreviewed, CVE-2022-33325 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical, Unreviewed, CVE-2022-33328 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical, Unreviewed, CVE-2022-33327 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical, Unreviewed, CVE-2022-33329 was published Jul 1, 2022

There is an object injection vulnerability in swfupload plugin for wordpress.
Critical, Unreviewed, CVE-2013-4144 was published Jul 1, 2022

A data removal vulnerability exists in the web_server /action/remove/ API functionality of...
Critical, Unreviewed, CVE-2022-28127 was published Jul 1, 2022

A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0....
Critical, Unreviewed, CVE-2022-32585 was published Jul 1, 2022

In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary...
Critical, Unreviewed, CVE-2013-4561 was published Jul 1, 2022

In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)...
Critical, Unreviewed, CVE-2022-31266 was published Jun 30, 2022

A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects...
Critical, Unreviewed, CVE-2017-20111 was published Jun 30, 2022

The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
Critical, Unreviewed, CVE-2021-40597 was published Jun 30, 2022

Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical, Unreviewed, CVE-2022-34132 was published Jun 29, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical, Unreviewed, CVE-2022-31230 was published Jun 29, 2022

Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of...
Critical, Unreviewed, CVE-2022-31885 was published Jun 29, 2022

File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitrary PHP code...
Critical, Unreviewed, CVE-2020-19896 was published Jun 29, 2022

Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker...
Critical, Unreviewed, CVE-2022-31887 was published Jun 29, 2022

The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary...
Critical, Unreviewed, CVE-2022-1953 was published Jun 28, 2022

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Critical, Unreviewed, CVE-2022-2207 was published Jun 28, 2022

The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when...
Critical, Unreviewed, CVE-2022-1574 was published Jun 28, 2022

Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an...
Critical, Unreviewed, CVE-2022-2140 was published Jun 28, 2022

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Critical, Unreviewed, CVE-2022-2210 was published Jun 28, 2022

ProTip! Advisories are also available from the GraphQL API.