Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

118,965 advisories

Loading
Improper Input Validation in yargs-parser Moderate Unreviewed
GHSA-ghmj-crg5-xw2j was published Feb 15, 2022
An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka ... Moderate Unreviewed
CVE-2020-0905 was published May 24, 2022
An open redirect vulnerability exists in Nagios XI before version 5.8.5 that could lead to... Moderate Unreviewed
CVE-2021-37352 was published May 24, 2022
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0... Moderate Unreviewed
CVE-2019-9892 was published May 24, 2022
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to... Moderate Unreviewed
CVE-2023-20525 was published Jan 11, 2023
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows... Moderate Unreviewed
CVE-2022-47102 was published Jan 13, 2023
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community... Moderate Unreviewed
CVE-2019-10067 was published May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... Moderate Unreviewed
CVE-2022-3573 was published Jan 12, 2023
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. Moderate Unreviewed
CVE-2019-20176 was published May 24, 2022
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c... Moderate Unreviewed
CVE-2019-20096 was published May 24, 2022
A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student... Moderate Unreviewed
CVE-2022-46503 was published Jan 12, 2023
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's... Moderate Unreviewed
CVE-2022-42895 was published Nov 23, 2022
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... Moderate Unreviewed
CVE-2017-16264 was published Jan 12, 2023
An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used... Moderate Unreviewed
CVE-2021-46872 was published Jan 13, 2023
A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2.... Moderate Unreviewed
CVE-2009-10001 was published Jan 13, 2023
The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the... Moderate Unreviewed
CVE-2022-3904 was published Jan 16, 2023
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This... Moderate Unreviewed
CVE-2022-42284 was published Jan 13, 2023
A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-0327 was published Jan 16, 2023
The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize... Moderate Unreviewed
CVE-2022-4442 was published Jan 16, 2023
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote... Moderate Unreviewed
CVE-2022-39195 was published Jan 17, 2023
Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its... Moderate Unreviewed
CVE-2022-4464 was published Jan 16, 2023
The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2022-4330 was published Jan 16, 2023
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its... Moderate Unreviewed
CVE-2022-4487 was published Jan 16, 2023
The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some... Moderate Unreviewed
CVE-2022-4460 was published Jan 16, 2023
A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite. Moderate Unreviewed
CVE-2022-40704 was published Jan 17, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database