GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,785
Erlang: 36
GitHub Actions: 29
Go: 2,358
Maven: 5,000+
npm: 3,979
NuGet: 720
pip: 3,777
Pub: 12
RubyGems: 924
Rust: 981
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
242 advisories
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the...
High | Unreviewed | CVE-2023-7204 was published Jan 29, 2024

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a...
High | Unreviewed | CVE-2020-16247 was published May 24, 2022

There is an Unauthorized file access vulnerability in Smartphones. Successful exploitation of this...
High | Unreviewed | CVE-2021-37133 was published Jan 4, 2022

The LBS module has a vulnerability in geofencing API access. Successful exploitation of this...
High | Unreviewed | CVE-2022-44549 was published Nov 10, 2022

tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.
High | Unreviewed | CVE-2017-6100 was published May 13, 2022

An issue in Univention UCS v.5.0 allows a local attacker to execute arbitrary code and gain...
High | Unreviewed | CVE-2023-38994 was published Oct 31, 2023

If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the...
High | Unreviewed | CVE-2022-45414 was published Dec 22, 2022

Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive...
High | Unreviewed | CVE-2022-42953 was published Dec 25, 2022

Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection...
High | Unreviewed | CVE-2012-1846 was published May 13, 2022

Qlik QlikView through 12.60.20100.0 creates a Temporary File in a Directory with Insecure...
High | Unreviewed | CVE-2021-41989 was published Jan 26, 2023

Qlik NPrinting Designer through 21.14.3.0 creates a Temporary File in a Directory with Insecure...
High | Unreviewed | CVE-2021-41988 was published Jan 26, 2023

Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing (CORS).
High | Unreviewed | CVE-2022-47717 was published Feb 1, 2023

In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating...
High | Unreviewed | CVE-2023-26081 was published Feb 20, 2023

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15...
High | Unreviewed | CVE-2023-22892 was published Mar 8, 2023

An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR...
High | Unreviewed | CVE-2023-26243 was published Apr 27, 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console...
High | Unreviewed | CVE-2023-28344 was published May 31, 2023

On Unix platforms, the Go runtime does not behave differently when a binary is run with the...
High | Unreviewed | CVE-2023-29403 was published Jun 8, 2023

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain...
High | Unreviewed | CVE-2024-43704 was published Nov 18, 2024

Windows GDI Information Disclosure Vulnerability.
High | Unreviewed | CVE-2022-21904 was published Jan 12, 2022

Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.
High | Unreviewed | CVE-2022-21880 was published Jan 12, 2022

Exposure of resource to wrong sphere in some Intel(R) processors with Intel(R) ACTM may allow a...
High | Unreviewed | CVE-2024-24985 was published Nov 13, 2024

Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High | Unreviewed | CVE-2023-39214 was published Aug 9, 2023

Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an...
High | Unreviewed | CVE-2023-34119 was published Jul 11, 2023

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High | Unreviewed | CVE-2021-20124 was published May 24, 2022

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High | Unreviewed | CVE-2021-20123 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.