GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,956
Erlang: 29
GitHub Actions: 16
Go: 1,745
Maven: 4,969
npm: 3,507
NuGet: 609
pip: 3,066
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
91 advisories
Remote Command program allows an attacker to read any file using a Local File Inclusion...
Moderate · Unreviewed · CVE-2024-27175 was published Jun 14, 2024

Remote code execution in web server context
High · CVE-2024-37295 was published for aimeos/aimeos-core (Composer) Jun 5, 2024

A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of...
High · Unreviewed · CVE-2024-20366 was published May 15, 2024

A vulnerability was found in Campcodes Online Laundry Management System 1.0 and classified as...
Moderate · Unreviewed · CVE-2024-4818 was published May 14, 2024

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or...
Moderate · Unreviewed · CVE-2024-25965 was published May 14, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected...
High · Unreviewed · CVE-2024-27943 was published May 14, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import...
High · Unreviewed · CVE-2024-27945 was published May 14, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected...
High · Unreviewed · CVE-2024-27944 was published May 14, 2024

NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a...
Moderate · Unreviewed · CVE-2024-0100 was published May 14, 2024

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the...
Critical · Unreviewed · CVE-2024-0087 was published May 14, 2024

Moodle External Control of File Name or Path vulnerability
Moderate · CVE-2023-30943 was published for moodle/moodle (Composer) May 2, 2023

timber/timber vulnerable to Deserialization of Untrusted Data
High · CVE-2024-29800 was published for timber/timber (Composer) Apr 12, 2024

Windows Compressed Folder Tampering Vulnerability
Moderate · Unreviewed · CVE-2024-26185 was published Mar 12, 2024

Windows HTML Platforms Security Feature Bypass Vulnerability
High · Unreviewed · CVE-2024-20652 was published Jan 9, 2024

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High · Unreviewed · CVE-2022-42734 was published Jul 6, 2023

The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote...
Critical · Unreviewed · CVE-2023-4634 was published Sep 6, 2023

An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3...
High · Unreviewed · CVE-2024-31492 was published Apr 10, 2024

A vulnerability has been identified in Automation License Manager V5 (All versions), Automation...
High · Unreviewed · CVE-2022-43513 was published Jan 10, 2023

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated...
High · Unreviewed · CVE-2023-43074 was published Oct 23, 2023

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in...
High · Unreviewed · CVE-2023-36634 was published Sep 13, 2023

A file write vulnerability exists in the OAS Engine configuration functionality of Open...
High · Unreviewed · CVE-2023-32615 was published Sep 5, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High · Unreviewed · CVE-2022-42893 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High · Unreviewed · CVE-2022-42891 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High · Unreviewed · CVE-2022-42732 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API.