GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,150 advisories
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
Critical
Unreviewed
CVE-2021-40597 was published Jun 30, 2022
Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id...
Critical
Unreviewed
CVE-2022-34132 was published Jun 29, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical
Unreviewed
CVE-2022-31230 was published Jun 29, 2022
Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of...
Critical
Unreviewed
CVE-2022-31885 was published Jun 29, 2022
File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitrary PHP code...
Critical
Unreviewed
CVE-2020-19896 was published Jun 29, 2022
Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker...
Critical
Unreviewed
CVE-2022-31887 was published Jun 29, 2022
The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary...
Critical
Unreviewed
CVE-2022-1953 was published Jun 28, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Critical
Unreviewed
CVE-2022-2207 was published Jun 28, 2022
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when...
Critical
Unreviewed
CVE-2022-1574 was published Jun 28, 2022
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an...
Critical
Unreviewed
CVE-2022-2140 was published Jun 28, 2022
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Critical
Unreviewed
CVE-2022-2210 was published Jun 28, 2022
The web module in some Hikvision Hybrid SAN/Cluster Storage products has the following security...
Critical
Unreviewed
CVE-2022-28171 was published Jun 28, 2022
A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as...
Critical
Unreviewed
CVE-2017-20099 was published Jun 28, 2022
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2022-32092 was published Jun 28, 2022
Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template...
Critical
Unreviewed
CVE-2022-32995 was published Jun 28, 2022
Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the...
Critical
Unreviewed
CVE-2022-32994 was published Jun 28, 2022
RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2022-33128 was published Jun 26, 2022
In the CODESYS Development System multiple components in multiple versions transmit the passwords...
Critical
Unreviewed
CVE-2022-31805 was published Jun 25, 2022
In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the specified...
Critical
Unreviewed
CVE-2022-31802 was published Jun 25, 2022
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection...
Critical
Unreviewed
CVE-2022-31806 was published Jun 25, 2022
A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability...
Critical
Unreviewed
CVE-2017-20095 was published Jun 25, 2022
IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2022-31767 was published Jun 25, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative...
Critical
Unreviewed
CVE-2022-2120 was published Jun 25, 2022
A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System...
Critical
Unreviewed
CVE-2022-28620 was published Jun 25, 2022
LRM does not restrict the types of files that can be uploaded to the affected product. A...
Critical
Unreviewed
CVE-2022-1519 was published Jun 25, 2022
Advisories are also available from the GraphQL API.