Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
An externally controlled reference to a resource vulnerability has been reported to affect QNAP... Critical Unreviewed
CVE-2022-27593 was published Sep 9, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed
CVE-2022-2431 was published Sep 7, 2022
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and... High Unreviewed
CVE-2022-2633 was published Sep 7, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2022-2943 was published Sep 7, 2022
The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be... Moderate Unreviewed
CVE-2022-2638 was published Aug 29, 2022
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of... Moderate Unreviewed
CVE-2022-32761 was published Aug 23, 2022
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6... Moderate Unreviewed
CVE-2022-28710 was published Aug 23, 2022
In DreamServices, there is a possible way to launch arbitrary protected activities due to a... High Unreviewed
CVE-2022-20319 was published Aug 13, 2022
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area),... Critical Unreviewed
CVE-2022-20239 was published Aug 11, 2022
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple... High Unreviewed
CVE-2016-0796 was published Jul 29, 2022
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50.... Moderate Unreviewed
CVE-2015-10003 was published Jul 18, 2022
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote... Moderate Unreviewed
CVE-2022-30245 was published Jul 16, 2022
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to... High Unreviewed
CVE-2022-20223 was published Jul 14, 2022
Externally Controlled Reference to a Resource in Another Sphere in ruby-mysql Moderate
CVE-2021-3779 was published for ruby-mysql (RubyGems) Jun 29, 2022
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name... High Unreviewed
CVE-2022-24241 was published Jun 3, 2022
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-30190 was published Jun 2, 2022
In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files... High Unreviewed
CVE-2021-0708 was published May 24, 2022
In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to... High Unreviewed
CVE-2021-0591 was published May 24, 2022
In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a... High Unreviewed
CVE-2021-0593 was published May 24, 2022
An arbitrary file deletion vulnerability exists within Maccms10. Moderate Unreviewed
CVE-2020-21363 was published May 24, 2022
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to... Moderate Unreviewed
CVE-2020-23171 was published May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to... High Unreviewed
CVE-2021-32576 was published May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to... High Unreviewed
CVE-2021-32578 was published May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting... High Unreviewed
CVE-2021-22420 was published May 24, 2022
In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a... Moderate Unreviewed
CVE-2021-0599 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API