GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,400

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a... Moderate Unreviewed

CVE-2019-0220 was published May 24, 2022

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary... Moderate Unreviewed

CVE-2022-30621 was published Jul 19, 2022

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow... High Unreviewed

CVE-2022-29445 was published May 19, 2022

Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company... Moderate Unreviewed

CVE-2022-29448 was published May 21, 2022

The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the... Moderate Unreviewed

CVE-2020-4719 was published May 24, 2022

Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations,... Moderate Unreviewed

CVE-2021-32054 was published May 24, 2022

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2021-35337 was published May 24, 2022

CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink()... Critical Unreviewed

CVE-2021-37144 was published May 24, 2022

The employee management page of Flygo contains Insecure Direct Object Reference (IDOR)... High Unreviewed

CVE-2021-37214 was published May 24, 2022

The bulletin function of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37212 was published May 24, 2022

The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37213 was published May 24, 2022

The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR)... Moderate Unreviewed

CVE-2021-37215 was published May 24, 2022

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of... Critical Unreviewed

CVE-2022-30258 was published Nov 22, 2022

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of... Critical Unreviewed

CVE-2022-30257 was published Nov 22, 2022

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and... High Unreviewed

CVE-2018-12020 was published May 13, 2022

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code... Critical Unreviewed

CVE-2019-7731 was published May 13, 2022

An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by... Critical Unreviewed

CVE-2019-8908 was published May 13, 2022

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection ... Moderate Unreviewed

CVE-2018-0237 was published May 13, 2022

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly... High Unreviewed

CVE-2019-0571 was published May 13, 2022

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic... Moderate Unreviewed

CVE-2019-0816 was published May 13, 2022

An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code... High Unreviewed

CVE-2019-9616 was published May 13, 2022

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An... Moderate Unreviewed

CVE-2020-35566 was published May 24, 2022

Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0... Moderate Unreviewed

CVE-2018-6112 was published May 13, 2022

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to... Moderate Unreviewed

CVE-2022-0855 was published Mar 5, 2022

MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10... High Unreviewed

CVE-2020-15505 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34 advisories