GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,231

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Filter by severity

Sort by

Least recently updated

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed

CVE-2021-42133 was published Dec 8, 2021

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed

CVE-2021-41841 was published Feb 10, 2022

A local file inclusion in Hospital Patient Record Management System v1.0 allows attackers to... High Unreviewed

CVE-2022-24232 was published Feb 25, 2022

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts... High Unreviewed

CVE-2022-25486 was published Mar 16, 2022

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts... High Unreviewed

CVE-2022-25485 was published Mar 16, 2022

PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and ... High Unreviewed

CVE-2004-0030 was published Apr 29, 2022

PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2)... High Unreviewed

CVE-2004-0285 was published Apr 29, 2022

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a... High Unreviewed

CVE-2019-9829 was published May 13, 2022

Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by... High Unreviewed

CVE-2018-12120 was published May 13, 2022

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could... High Unreviewed

CVE-2017-14095 was published May 13, 2022

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance ->... High Unreviewed

CVE-2018-1000502 was published May 13, 2022

playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. High Unreviewed

CVE-2018-18387 was published May 13, 2022

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library)... High Unreviewed

CVE-2021-20443 was published May 24, 2022

Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212... High Unreviewed

CVE-2021-30507 was published May 24, 2022

Local file inclusion exists in Kaseya VSA before 9.5.6. High Unreviewed

CVE-2021-30121 was published May 24, 2022

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged... High Unreviewed

CVE-2021-34692 was published May 24, 2022

NVIDIA DCGM contains a vulnerability in the DIAG module where any user can inject shared... High Unreviewed

CVE-2021-34398 was published May 24, 2022

The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the... High Unreviewed

CVE-2021-38360 was published May 24, 2022

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the... High Unreviewed

CVE-2021-33626 was published May 24, 2022

SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included... High Unreviewed

CVE-2021-41569 was published May 24, 2022

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This... High Unreviewed

CVE-2021-4229 was published May 25, 2022

In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the... High Unreviewed

CVE-2021-41037 was published Jul 9, 2022

Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from... High Unreviewed

CVE-2022-30243 was published Jul 16, 2022

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated... High Unreviewed

CVE-2022-30244 was published Jul 16, 2022

Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64... High Unreviewed

CVE-2022-33317 was published Jul 21, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

49 advisories