GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
This vulnerability allows remote attackers to disclose sensitive information on affected...
High, Unreviewed. CVE-2020-15619 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed. CVE-2020-15421 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed. CVE-2020-15422 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed. CVE-2020-15429 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed. CVE-2020-15431 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed. CVE-2020-15428 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed. CVE-2020-15425 was published May 24, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected...
High, Unreviewed. CVE-2020-15618 was published May 24, 2022

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni...
High, Unreviewed. CVE-2023-22280 was published Jan 17, 2023

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non...
High, Unreviewed. CVE-2022-46891 was published Jan 17, 2023

Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15...
High, Unreviewed. CVE-2022-2251 was published Jan 17, 2023

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object...
High, Unreviewed. CVE-2023-22850 was published Jan 14, 2023

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV.
High, Unreviewed. CVE-2023-0358 was published Jan 18, 2023

An unauthorized user could possibly delete any file on the system.
High, Unreviewed. CVE-2022-46331 was published Jan 18, 2023

Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An...
High, Unreviewed. CVE-2022-34456 was published Jan 18, 2023

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before...
High, Unreviewed. CVE-2016-4222 was published May 14, 2022

Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before...
High, Unreviewed. CVE-2016-1016 was published May 14, 2022

ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can...
High, Unreviewed. CVE-2022-47745 was published Jan 19, 2023

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.
High, Unreviewed. CVE-2021-33959 was published Jan 18, 2023

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe...
High, Unreviewed. CVE-2016-4152 was published May 13, 2022

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe...
High, Unreviewed. CVE-2016-4155 was published May 13, 2022

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free...
High, Unreviewed. CVE-2018-4932 was published May 14, 2022

An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted...
High, Unreviewed. CVE-2021-20050 was published Dec 24, 2021

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and...
High, Unreviewed. CVE-2021-20861 was published Dec 2, 2021

Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)...
High, Unreviewed. CVE-2021-33118 was published Nov 18, 2021
ProTip! Advisories are also available from the GraphQL API.