GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,744
Maven: 5,000+
npm: 4,341
NuGet: 765
pip: 4,113
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

27,704 advisories

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29800 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29798 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection...
Critical | Unreviewed | CVE-2023-29801 was published Apr 14, 2023

Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication...
Critical | Unreviewed | CVE-2022-3748 was published Apr 14, 2023

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277...
Critical | Unreviewed | CVE-2023-27648 was published Apr 14, 2023

Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary...
Critical | Unreviewed | CVE-2022-47027 was published Apr 14, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-1863 was published Apr 14, 2023

froxlor/froxlor vulnerable to unrestricted upload of file with dangerous type
Critical | CVE-2023-2034 was published for froxlor/froxlor (Composer) Apr 14, 2023

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-29622 was published Apr 14, 2023

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a...
Critical | Unreviewed | CVE-2023-26918 was published Apr 14, 2023

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded...
Critical | Unreviewed | CVE-2023-27748 was published Apr 13, 2023

BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase...
Critical | Unreviewed | CVE-2023-27746 was published Apr 13, 2023

Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.
Critical | Unreviewed | CVE-2023-27667 was published Apr 13, 2023

AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user...
Critical | Unreviewed | CVE-2023-27779 was published Apr 13, 2023

bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the...
Critical | Unreviewed | CVE-2023-27812 was published Apr 13, 2023

lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter...
Critical | Unreviewed | CVE-2023-29598 was published Apr 13, 2023

memory corruption in modem due to improper check while calculating size of serialized CoAP message
Critical | Unreviewed | CVE-2022-33211 was published Apr 13, 2023

Memory corruption due to buffer copy without checking the size of input in modem while decoding...
Critical | Unreviewed | CVE-2022-33259 was published Apr 13, 2023

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based...
Critical | Unreviewed | CVE-2022-25740 was published Apr 13, 2023

Memory corruption in modem due to improper input validation while handling the incoming CoAP message
Critical | Unreviewed | CVE-2022-25745 was published Apr 13, 2023

Memory correction in modem due to buffer overwrite during coap connection
Critical | Unreviewed | CVE-2022-25678 was published Apr 13, 2023

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an...
Critical | Unreviewed | CVE-2023-28121 was published Apr 12, 2023

org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins
Critical | CVE-2023-29206 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Apr 12, 2023

org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
Critical | CVE-2023-29205 was published for org.xwiki.platform:xwiki-platform-rendering-xwiki (Maven) Apr 12, 2023

ProTip! Advisories are also available from the GraphQL API