GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
56 advisories
Filter by severity
CVE-2024-45826 IMPACT
Due to improper input validation, a path traversal and remote code...
High
Unreviewed
CVE-2024-45826
was published
Sep 12, 2024
HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during...
High
Unreviewed
CVE-2024-6717
was published
Jul 23, 2024
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple...
High
Unreviewed
CVE-2023-5247
was published
Nov 30, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-40194
was published
Nov 27, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356....
High
Unreviewed
CVE-2023-39542
was published
Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-35985
was published
Nov 27, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open...
High
Unreviewed
CVE-2023-32615
was published
Sep 5, 2023
Local privilege escalation during installation due to improper soft link handling. The following...
High
Unreviewed
CVE-2022-46869
was published
Aug 31, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42732
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42891
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42734
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42733
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42893
was published
Jul 6, 2023
Advantech R-SeeNet
versions 2.4.22
allows low-level users to access and load the content of...
High
Unreviewed
CVE-2023-3256
was published
Jun 22, 2023
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a...
High
Unreviewed
CVE-2023-21097
was published
Apr 19, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register...
High
Unreviewed
CVE-2023-22616
was published
Apr 12, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation...
High
Unreviewed
CVE-2022-43513
was published
Jan 10, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an...
High
Unreviewed
CVE-2022-34669
was published
Dec 31, 2022
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the...
High
Unreviewed
CVE-2021-27406
was published
Oct 14, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up...
High
Unreviewed
CVE-2022-2431
was published
Sep 7, 2022
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and...
High
Unreviewed
CVE-2022-2633
was published
Sep 7, 2022
In DreamServices, there is a possible way to launch arbitrary protected activities due to a...
High
Unreviewed
CVE-2022-20319
was published
Aug 13, 2022
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple...
High
Unreviewed
CVE-2016-0796
was published
Jul 29, 2022
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to...
High
Unreviewed
CVE-2022-20223
was published
Jul 14, 2022
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name...
High
Unreviewed
CVE-2022-24241
was published
Jun 3, 2022
ProTip!
Advisories are also available from the
GraphQL API