Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,430 advisories

Loading
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a... High Unreviewed
CVE-2022-4744 was published Jul 6, 2023
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local... High Unreviewed
CVE-2023-0975 was published Jul 6, 2023
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg... High Unreviewed
CVE-2023-1425 was published Jul 6, 2023
A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom... High Unreviewed
CVE-2021-41526 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network,... High Unreviewed
CVE-2022-41633 was published Jul 6, 2023
Jenkins AbsInt a³ Plugin XML External Entity Reference vulnerability High
CVE-2023-28685 was published for org.jenkins-ci.plugins:absint-a3 (Maven) Jul 6, 2023
Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific... High Unreviewed
CVE-2023-24835 was published Jul 6, 2023
The Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL... High Unreviewed
CVE-2023-28663 was published Jul 6, 2023
A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers... High Unreviewed
CVE-2023-1252 was published Jul 6, 2023
Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its... High Unreviewed
CVE-2023-25828 was published Jul 6, 2023
An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files... High Unreviewed
CVE-2023-1305 was published Jul 6, 2023
Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If... High Unreviewed
CVE-2023-28597 was published Jul 6, 2023
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS... High Unreviewed
CVE-2023-0210 was published Jul 6, 2023
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid... High Unreviewed
CVE-2023-0386 was published Jul 6, 2023
Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation High
CVE-2023-24999 was published for github.com/hashicorp/vault (Go) Jul 6, 2023
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first... High Unreviewed
CVE-2022-3424 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG... High Unreviewed
CVE-2022-47143 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database... High Unreviewed
CVE-2022-47163 was published Jul 6, 2023
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to... High Unreviewed
CVE-2021-4330 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour... High Unreviewed
CVE-2023-25708 was published Jul 6, 2023
The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2020-36669 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Dannie Herdyawan DH – Anti AdBlocker plugin <=... High Unreviewed
CVE-2022-47162 was published Jul 6, 2023
Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content... High Unreviewed
CVE-2023-28338 was published Jul 6, 2023
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden ... High Unreviewed
CVE-2023-28337 was published Jul 6, 2023
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The... High Unreviewed
CVE-2023-1390 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API