GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
37 advisories
Filter by severity
ws-scrcpy is vulnerable to External Control of File Name or Path
High
Unreviewed
CVE-2021-3845
was published
Jan 5, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up...
High
Unreviewed
CVE-2022-2431
was published
Sep 7, 2022
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation...
High
Unreviewed
CVE-2022-43513
was published
Jan 10, 2023
External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.
High
Unreviewed
CVE-2023-1105
was published
Mar 1, 2023
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.
High
Unreviewed
CVE-2023-2554
was published
May 5, 2023
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A...
High
Unreviewed
CVE-2023-28603
was published
Jun 13, 2023
Advantech R-SeeNet
versions 2.4.22
allows low-level users to access and load the content of...
High
Unreviewed
CVE-2023-3256
was published
Jun 22, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42734
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42891
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42733
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42732
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42893
was published
Jul 6, 2023
A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This...
High
Unreviewed
CVE-2023-3643
was published
Jul 12, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open...
High
Unreviewed
CVE-2023-32615
was published
Sep 5, 2023
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in...
High
Unreviewed
CVE-2023-36634
was published
Sep 13, 2023
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated...
High
Unreviewed
CVE-2023-43074
was published
Oct 23, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-40194
was published
Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-35985
was published
Nov 27, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356....
High
Unreviewed
CVE-2023-39542
was published
Nov 27, 2023
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple...
High
Unreviewed
CVE-2023-5247
was published
Nov 30, 2023
Windows HTML Platforms Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-20652
was published
Jan 9, 2024
An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN...
High
Unreviewed
CVE-2023-49738
was published
Jan 10, 2024
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3...
High
Unreviewed
CVE-2024-31492
was published
Apr 10, 2024
An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec...
High
Unreviewed
CVE-2024-33671
was published
Apr 26, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected...
High
Unreviewed
CVE-2024-27943
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API