Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,440
Erlang
29
GitHub Actions
16
Go
1,666
Maven
4,926
npm
3,453
NuGet
594
pip
2,855
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+

23 advisories

Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed
CVE-2024-28011 was published Mar 28, 2024
A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75)... High Unreviewed
CVE-2024-22044 was published Mar 12, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can... Moderate Unreviewed
CVE-2023-42134 was published Jan 15, 2024
A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critical. Affected by... Moderate Unreviewed
CVE-2023-4467 was published Dec 29, 2023
A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this... Low Unreviewed
CVE-2023-6614 was published Dec 8, 2023
In Snap One OvrC Pro versions prior to 7.2, when logged into the... High Unreviewed
CVE-2023-25183 was published May 22, 2023
A command execution vulnerability exists in the ubus backend communications functionality of... High Unreviewed
CVE-2022-36429 was published Mar 21, 2023
A command execution vulnerability exists in the hidden telnet service functionality of Netgear... High Unreviewed
CVE-2022-38452 was published Mar 21, 2023
Moodle has a Hidden Functionality vulnerability Moderate
CVE-2021-36403 was published for moodle/moodle (Composer) Mar 7, 2023
In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration... Critical Unreviewed
CVE-2022-3843 was published Feb 16, 2023
sweetalert2 v8.19.1 and above contains hidden functionality Low
GHSA-8jh9-wqpf-q52c was published for sweetalert2 (npm) Nov 23, 2022
sweetalert2 v9.17.4 and above contains hidden functionality Low
GHSA-pg98-6v7f-2xfv was published for sweetalert2 (npm) Nov 23, 2022
sweetalert2 v10.16.10 and above contains hidden functionality Low
GHSA-457r-cqc8-9vj9 was published for sweetalert2 (npm) Nov 23, 2022
sweetalert2 v11.4.9 and above contains hidden functionality Low
GHSA-qq6h-5g6j-q3cm was published for sweetalert2 (npm) Nov 23, 2022
limonte
On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot... Critical Unreviewed
CVE-2022-3203 was published Oct 21, 2022
Malware in ctx Critical
GHSA-4g82-3jcr-q52w was published for ctx (pip) May 25, 2022
A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This... High Unreviewed
CVE-2021-4229 was published May 25, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12504 was published May 24, 2022
The affected product is vulnerable due to an undocumented interface found on the device, which... High Unreviewed
CVE-2020-16204 was published May 24, 2022
Hidden functionality in node-ipc Low
GHSA-8gr3-2gjw-jj7g was published for node-ipc (npm) Mar 16, 2022
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored... Critical Unreviewed
CVE-2021-24867 was published Feb 22, 2022
An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and... Critical Unreviewed
CVE-2021-43987 was published Dec 24, 2021
Embedded malware in ua-parser-js High
GHSA-pjwm-rvh2-c87w was published for ua-parser-js (npm) Oct 22, 2021
xtqqczze
ProTip! Advisories are also available from the GraphQL API