GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
27,504 advisories
SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute...
Critical • Unreviewed • CVE-2020-20915 was published Apr 4, 2023

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows...
Critical • Unreviewed • CVE-2020-21487 was published Apr 4, 2023

An issue found in Zend Framework v.3.1.3 and before allows a remote attacker to execute arbitrary...
Critical • Unreviewed • CVE-2020-29312 was published Apr 4, 2023

Etcd-io Improper Authentication vulnerability
Critical • CVE-2021-28235 was published for go.etcd.io/etcd/v3 (Go) Apr 4, 2023

Withdrawn: SQL injection in Yii 2
Critical • CVE-2023-26750 was published for yiisoft/yii2 (Composer) Apr 4, 2023 • withdrawn

OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary...
Critical • Unreviewed • CVE-2023-26921 was published Apr 4, 2023

A vulnerability has been found in SourceCodester Centralized Covid Vaccination Records System 1.0...
Critical • Unreviewed • CVE-2023-1827 was published Apr 4, 2023

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance...
Critical • Unreviewed • CVE-2023-1671 was published Apr 4, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer...
Critical • Unreviewed • CVE-2023-1826 was published Apr 4, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS...
Critical • Unreviewed • CVE-2023-1728 was published Apr 4, 2023

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including...
Critical • Unreviewed • CVE-2022-43939 was published Apr 3, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical • Unreviewed • CVE-2023-1765 was published Apr 3, 2023

BluePage CMS thru v3.9 processes an insufficiently sanitized HTTP Header allowing MySQL Injection...
Critical • Unreviewed • CVE-2022-38923 was published Apr 3, 2023

BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header Cookie value allowing...
Critical • Unreviewed • CVE-2022-38922 was published Apr 3, 2023

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused...
Critical • Unreviewed • CVE-2023-27284 was published Apr 2, 2023

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused...
Critical • Unreviewed • CVE-2023-27286 was published Apr 2, 2023

A vulnerability classified as critical was found in OTCMS 6.0.1. Affected by this vulnerability...
Critical • Unreviewed • CVE-2023-1797 was published Apr 2, 2023

sjqzhang go-fastdfs vulnerable to path traversal
Critical • CVE-2023-1800 was published for github.com/sjqzhang/go-fastdfs (Go) Apr 2, 2023

A vulnerability has been found in SourceCodester Simple Task Allocation System 1.0 and classified...
Critical • Unreviewed • CVE-2023-1791 was published Apr 2, 2023

A vulnerability was found in SourceCodester Simple Mobile Comparison Website 1.0 and classified...
Critical • Unreviewed • CVE-2023-1792 was published Apr 2, 2023

A vulnerability was found in SourceCodester Police Crime Record Management System 1.0. It has...
Critical • Unreviewed • CVE-2023-1793 was published Apr 2, 2023

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via...
Critical • Unreviewed • CVE-2023-26822 was published Apr 2, 2023

Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file...
Critical • Unreviewed • CVE-2022-47190 was published Apr 1, 2023

Generex UPS CS141 below 2.06 version, allows an attacker to upload a firmware file containing an...
Critical • Unreviewed • CVE-2022-47189 was published Apr 1, 2023

X-Forwarded-For header allows brute-forcing autoblocked IP addresses
Critical • CVE-2023-29141 was published for mediawiki/core (Composer) Mar 31, 2023