GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
125,465 advisories

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40647 was published Sep 16, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40637 was published Sep 16, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40648 was published Sep 16, 2022

Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier...
High | Unreviewed | CVE-2022-40621 was published Sep 14, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40650 was published Sep 16, 2022

libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
High | Unreviewed | CVE-2022-39170 was published Sep 3, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40639 was published Sep 16, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40641 was published Sep 16, 2022

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize...
High | Unreviewed | CVE-2022-40623 was published Sep 14, 2022

file-type vulnerable to Infinite Loop via malformed MKV file
High | CVE-2022-36313 was published for file-type (npm) Jul 22, 2022

CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both...
High | Unreviewed | CVE-2022-37190 was published Sep 14, 2022

Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the...
High | Unreviewed | CVE-2021-3725 was published Dec 1, 2021

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that...
High | Unreviewed | CVE-2021-43175 was published Dec 8, 2021

A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping...
High | Unreviewed | CVE-2021-4021 was published Feb 25, 2022

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level...
High | Unreviewed | CVE-2021-43939 was published Apr 29, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "...
High | Unreviewed | CVE-2021-42855 was published Mar 11, 2022

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3...
High | Unreviewed | CVE-2013-4630 was published May 17, 2022

SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS,...
High | Unreviewed | CVE-2013-4715 was published May 17, 2022

Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before...
High | Unreviewed | CVE-2011-4351 was published May 17, 2022

SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth Webpublisher CMS, possibly 5...
High | Unreviewed | CVE-2013-6985 was published May 17, 2022

A vulnerability in Snow Inventory Java Scanner allows an attacker to run malicious code at a...
High | Unreviewed | CVE-2021-4106 was published Feb 17, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-40649 was published Sep 16, 2022

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses...
High | Unreviewed | CVE-2022-40622 was published Sep 14, 2022

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges...
High | Unreviewed | CVE-2022-31322 was published Sep 14, 2022

Unspecified vulnerability in the Hyperion Strategic Finance component in Oracle Hyperion 11.1.2.1...
High | Unreviewed | CVE-2013-3830 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.