GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,759
NuGet: 678
pip: 3,445
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
24,368 advisories
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation...
Critical | Unreviewed | CVE-2023-22889 was published Mar 8, 2023
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before...
Critical | Unreviewed | CVE-2021-33353 was published Mar 9, 2023
A vulnerability classified as critical was found in SourceCodester Online Graduate Tracer System...
Critical | Unreviewed | CVE-2023-1309 was published Mar 10, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-1267 was published Mar 8, 2023
A vulnerability, which was classified as critical, was found in SourceCodester Health Center...
Critical | Unreviewed | CVE-2023-1253 was published Mar 7, 2023
A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All Versions >= 1.16.4 ...
Critical | Unreviewed | CVE-2023-25957 was published Mar 14, 2023
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows...
Critical | Unreviewed | CVE-2023-24734 was published Mar 6, 2023
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of...
Critical | Unreviewed | CVE-2023-27574 was published Mar 4, 2023
A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been...
Critical | Unreviewed | CVE-2023-1099 was published Feb 28, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2022-3760 was published Mar 7, 2023
A vulnerability was found in Email Registration 5.x-2.1. It has been declared as critical. This...
Critical | Unreviewed | CVE-2008-10004 was published Mar 7, 2023
PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical | Unreviewed | CVE-2023-24736 was published Mar 6, 2023
An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3...
Critical | Unreviewed | CVE-2023-26949 was published Mar 6, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-1064 was published Mar 1, 2023
Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1...
Critical | Unreviewed | CVE-2023-22336 was published Mar 6, 2023
Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC...
Critical | Unreviewed | CVE-2023-22344 was published Mar 6, 2023
Hazelcast connection caching
Critical | CVE-2022-36437 was published for com.hazelcast.jet:hazelcast-jet (Maven) Dec 27, 2022
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280,...
Critical | Unreviewed | CVE-2023-26076 was published Mar 13, 2023
An XML External Entity injection (XXE) vulnerability in ENOVIA Live Collaboration V6R2013xE...
Critical | Unreviewed | CVE-2023-1288 was published Mar 9, 2023
The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be...
Critical | Unreviewed | CVE-2022-4328 was published Mar 6, 2023
CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection.
Critical | Unreviewed | CVE-2023-26780 was published Mar 2, 2023
There are buffer overflow vulnerabilities in multiple underlying operating system processes that...
Critical | Unreviewed | CVE-2023-22756 was published Mar 1, 2023
CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code...
Critical | Unreviewed | CVE-2023-26779 was published Mar 4, 2023
Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2022-46501 was published Mar 2, 2023
Unauthenticated server side request forgery in HPE Serviceguard Manager
Critical | Unreviewed | CVE-2022-37938 was published Mar 1, 2023
ProTip! Advisories are also available from the GraphQL API.