GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,967
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,076
Pub: 10
RubyGems: 832
Rust: 781
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
93,430 advisories
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a...
High | Unreviewed | CVE-2022-4744 was published Jul 6, 2023
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local...
High | Unreviewed | CVE-2023-0975 was published Jul 6, 2023
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg...
High | Unreviewed | CVE-2023-1425 was published Jul 6, 2023
A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom...
High | Unreviewed | CVE-2021-41526 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network,...
High | Unreviewed | CVE-2022-41633 was published Jul 6, 2023
Jenkins AbsInt a³ Plugin XML External Entity Reference vulnerability
High | CVE-2023-28685 was published for org.jenkins-ci.plugins:absint-a3 (Maven) Jul 6, 2023
Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific...
High | Unreviewed | CVE-2023-24835 was published Jul 6, 2023
The Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL...
High | Unreviewed | CVE-2023-28663 was published Jul 6, 2023
A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers...
High | Unreviewed | CVE-2023-1252 was published Jul 6, 2023
Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its...
High | Unreviewed | CVE-2023-25828 was published Jul 6, 2023
An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files...
High | Unreviewed | CVE-2023-1305 was published Jul 6, 2023
Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If...
High | Unreviewed | CVE-2023-28597 was published Jul 6, 2023
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS...
High | Unreviewed | CVE-2023-0210 was published Jul 6, 2023
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid...
High | Unreviewed | CVE-2023-0386 was published Jul 6, 2023
Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation
High | CVE-2023-24999 was published for github.com/hashicorp/vault (Go) Jul 6, 2023
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first...
High | Unreviewed | CVE-2022-3424 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG...
High | Unreviewed | CVE-2022-47143 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database...
High | Unreviewed | CVE-2022-47163 was published Jul 6, 2023
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to...
High | Unreviewed | CVE-2021-4330 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour...
High | Unreviewed | CVE-2023-25708 was published Jul 6, 2023
The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site...
High | Unreviewed | CVE-2020-36669 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Dannie Herdyawan DH – Anti AdBlocker plugin <=...
High | Unreviewed | CVE-2022-47162 was published Jul 6, 2023
Any request sent to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content...
High | Unreviewed | CVE-2023-28338 was published Jul 6, 2023
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden ...
High | Unreviewed | CVE-2023-28337 was published Jul 6, 2023
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The...
High | Unreviewed | CVE-2023-1390 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API