GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,079
Erlang
29
GitHub Actions
19
Go
1,905
Maven
5,000+
npm
3,636
NuGet
638
pip
3,254
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,713 advisories
Filter by severity
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This...
Moderate
Unreviewed
CVE-2022-42284
was published
Jan 13, 2023
A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This...
Critical
Unreviewed
CVE-2014-125077
was published
Jan 15, 2023
A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp....
Critical
Unreviewed
CVE-2022-4890
was published
Jan 16, 2023
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A...
High
Unreviewed
CVE-2023-23595
was published
Jan 15, 2023
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and...
High
Unreviewed
CVE-2022-42287
was published
Jan 13, 2023
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a...
High
Unreviewed
CVE-2022-42285
was published
Jan 13, 2023
A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical....
Critical
Unreviewed
CVE-2015-10057
was published
Jan 16, 2023
A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic....
Moderate
Unreviewed
CVE-2023-0327
was published
Jan 16, 2023
The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its...
Moderate
Unreviewed
CVE-2022-4330
was published
Jan 16, 2023
The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a...
High
Unreviewed
CVE-2022-4327
was published
Jan 16, 2023
The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize...
Moderate
Unreviewed
CVE-2022-4442
was published
Jan 16, 2023
Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its...
Moderate
Unreviewed
CVE-2022-4464
was published
Jan 16, 2023
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to...
High
Unreviewed
CVE-2022-41860
was published
Jan 17, 2023
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote...
Moderate
Unreviewed
CVE-2022-39195
was published
Jan 17, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15420
was published
May 24, 2022
CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) allows SQL Injection via the ...
High
Unreviewed
CVE-2020-10230
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15433
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15613
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15432
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15620
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15426
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15610
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15616
was published
May 24, 2022
The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some...
Moderate
Unreviewed
CVE-2022-4460
was published
Jan 16, 2023
A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite.
Moderate
Unreviewed
CVE-2022-40704
was published
Jan 17, 2023
ProTip!
Advisories are also available from the
GraphQL API