GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,956
Erlang: 29
GitHub Actions: 16
Go: 1,745
Maven: 4,969
npm: 3,507
NuGet: 609
pip: 3,066
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
93,332 advisories
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac...
High | Unreviewed | CVE-2023-0053 was published Jul 6, 2023
A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a...
High | Unreviewed | CVE-2023-0030 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database...
High | Unreviewed | CVE-2022-47163 was published Jul 6, 2023
The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a...
High | Unreviewed | CVE-2023-0460 was published Jul 6, 2023
The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site...
High | Unreviewed | CVE-2020-36669 was published Jul 6, 2023
Any request sent to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content...
High | Unreviewed | CVE-2023-28338 was published Jul 6, 2023
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual...
High | Unreviewed | CVE-2021-21548 was published Jul 6, 2023
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden ...
High | Unreviewed | CVE-2023-28337 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour...
High | Unreviewed | CVE-2023-25708 was published Jul 6, 2023
Zoom for Windows clients before version 5.13.3, Zoom Rooms for Windows clients before version 5...
High | Unreviewed | CVE-2023-22880 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes Launchpad – Coming Soon &...
High | Unreviewed | CVE-2022-46854 was published Jul 6, 2023
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker...
High | Unreviewed | CVE-2022-27677 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Forms by CaptainForm – Form Builder for...
High | Unreviewed | CVE-2022-43459 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB...
High | Unreviewed | CVE-2022-1607 was published Jul 6, 2023
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by...
High | Unreviewed | CVE-2023-0104 was published Jul 6, 2023
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
High | CVE-2023-0690 was published for github.com/hashicorp/boundary (Go) Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in TeraWallet – For WooCommerce plugin <= 1.3.24...
High | Unreviewed | CVE-2022-36401 was published Jul 6, 2023
B&R APROL versions < R 4.2-07 do not correctly process specially formatted data packages sent to...
High | Unreviewed | CVE-2022-43765 was published Jul 6, 2023
All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1...
High | Unreviewed | CVE-2022-4634 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups,...
High | Unreviewed | CVE-2022-41134 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin...
High | Unreviewed | CVE-2023-25065 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz...
High | Unreviewed | CVE-2022-46862 was published Jul 6, 2023
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
High | Unreviewed | CVE-2023-23835 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ...
High | Unreviewed | CVE-2023-22941 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing...
High | Unreviewed | CVE-2023-22939 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API.