Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,320 advisories

Loading
An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the... Critical Unreviewed
CVE-2020-22647 was published Mar 16, 2023
Cross Site Scripting vulnerability found in Markdown Edit allows a remote attacker to execute... Critical Unreviewed
CVE-2020-19947 was published Mar 16, 2023
A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as... Critical Unreviewed
CVE-2023-1432 was published Mar 16, 2023
Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php. Critical Unreviewed
CVE-2023-27250 was published Mar 16, 2023
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate... Critical Unreviewed
CVE-2023-25280 was published Mar 16, 2023
Command execution vulnerability was discovered in JHR-N916R router firmware version<=21.11.1.1483. Critical Unreviewed
CVE-2023-24795 was published Mar 16, 2023
SA-WR915ND router firmware v17.35.1 was discovered to be vulnerable to code execution. Critical Unreviewed
CVE-2023-23150 was published Mar 16, 2023
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to... Critical Unreviewed
CVE-2023-26784 was published Mar 16, 2023
Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 Critical Unreviewed
CVE-2023-24468 was published Mar 16, 2023
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An... Critical Unreviewed
CVE-2023-28461 was published Mar 16, 2023
The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and... Critical Unreviewed
CVE-2020-27507 was published Mar 15, 2023
An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to... Critical Unreviewed
CVE-2023-25344 was published Mar 15, 2023
A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an... Critical Unreviewed
CVE-2023-1416 was published Mar 15, 2023
A vulnerability was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0... Critical Unreviewed
CVE-2023-1379 was published Mar 15, 2023
Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2023-24726 was published Mar 15, 2023
In Stellarium through 1.2, attackers can write to files that are typically unintended, such as... Critical Unreviewed
CVE-2023-28371 was published Mar 15, 2023
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip... Critical Unreviewed
CVE-2023-27240 was published Mar 15, 2023
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at... Critical Unreviewed
CVE-2023-27239 was published Mar 15, 2023
An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1... Critical Unreviewed
CVE-2023-27757 was published Mar 15, 2023
Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass... Critical Unreviewed
CVE-2023-1327 was published Mar 15, 2023
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in... Critical Unreviewed
CVE-2023-28343 was published Mar 14, 2023
A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0... Critical Unreviewed
CVE-2023-26511 was published Mar 14, 2023
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2023-23415 was published Mar 14, 2023
HTTP Protocol Stack Remote Code Execution Vulnerability Critical Unreviewed
CVE-2023-23392 was published Mar 14, 2023
Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-23397 was published Mar 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database