GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
109 advisories
Filter by severity
A vulnerability, which was classified as critical, was found in SourceCodester Inventory...
Moderate
Unreviewed
CVE-2023-4749
was published
Sep 4, 2023
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Critical
GHSA-97m3-52wr-xvv2
was published
for
phenx/php-svg-lib
(Composer)
Feb 22, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Insurance...
Moderate
Unreviewed
CVE-2024-2150
was published
Mar 3, 2024
A vulnerability was found in SourceCodester Best POS Management System 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-2155
was published
Mar 4, 2024
IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and...
Moderate
Unreviewed
CVE-2023-26282
was published
Mar 5, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message...
Moderate
Unreviewed
CVE-2023-47147
was published
Mar 15, 2024
GeoServer Arbitrary file renaming vulnerability in REST Coverage/Data Store API
Moderate
CVE-2024-23634
was published
for
org.geoserver:gs-restconfig
(Maven)
Mar 20, 2024
PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_file
High
CVE-2024-1603
was published
for
paddlepaddle
(pip)
Mar 23, 2024
A vulnerability was found in Campcodes House Rental Management System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2024-2917
was published
Mar 27, 2024
CloudLinux
CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to
the sendmail...
Moderate
Unreviewed
CVE-2020-36772
was published
Jan 22, 2024
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open...
Moderate
Unreviewed
CVE-2024-21870
was published
Apr 3, 2024
A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of...
Moderate
Unreviewed
CVE-2024-22178
was published
Apr 3, 2024
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
Moderate
Unreviewed
CVE-2023-0008
was published
May 10, 2023
Advantech R-SeeNet
versions 2.4.22
allows low-level users to access and load the content of...
High
Unreviewed
CVE-2023-3256
was published
Jun 22, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42733
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42732
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42891
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42893
was published
Jul 6, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open...
High
Unreviewed
CVE-2023-32615
was published
Sep 5, 2023
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in...
High
Unreviewed
CVE-2023-36634
was published
Sep 13, 2023
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated...
High
Unreviewed
CVE-2023-43074
was published
Oct 23, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation...
High
Unreviewed
CVE-2022-43513
was published
Jan 10, 2023
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3...
High
Unreviewed
CVE-2024-31492
was published
Apr 10, 2024
The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote...
Critical
Unreviewed
CVE-2023-4634
was published
Sep 6, 2023
ProTip!
Advisories are also available from the
GraphQL API