GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
56 advisories
Filter by severity
Local privilege escalation during installation due to improper soft link handling. The following...
High
Unreviewed
CVE-2022-46869
was published
Aug 31, 2023
CVE-2024-45826 IMPACT
Due to improper input validation, a path traversal and remote code...
High
Unreviewed
CVE-2024-45826
was published
Sep 12, 2024
HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during...
High
Unreviewed
CVE-2024-6717
was published
Jul 23, 2024
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42734
was published
Jul 6, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation...
High
Unreviewed
CVE-2022-43513
was published
Jan 10, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open...
High
Unreviewed
CVE-2023-32615
was published
Sep 5, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42893
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42891
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42732
was published
Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
High
Unreviewed
CVE-2022-42733
was published
Jul 6, 2023
Advantech R-SeeNet
versions 2.4.22
allows low-level users to access and load the content of...
High
Unreviewed
CVE-2023-3256
was published
Jun 22, 2023
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a...
High
Unreviewed
CVE-2023-21097
was published
Apr 19, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register...
High
Unreviewed
CVE-2023-22616
was published
Apr 12, 2023
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and...
High
Unreviewed
CVE-2022-2633
was published
Sep 7, 2022
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-30190
was published
Jun 2, 2022
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple...
High
Unreviewed
CVE-2023-5247
was published
Nov 30, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-40194
was published
Nov 27, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356....
High
Unreviewed
CVE-2023-39542
was published
Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-35985
was published
Nov 27, 2023
Password vault has a External Control of System or Configuration Setting vulnerability.Successful...
High
Unreviewed
CVE-2021-39971
was published
Jan 4, 2022
In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a...
High
Unreviewed
CVE-2021-39663
was published
Feb 12, 2022
In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused...
High
Unreviewed
CVE-2021-39668
was published
Feb 12, 2022
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to...
High
Unreviewed
CVE-2021-1035
was published
Jan 15, 2022
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due...
High
Unreviewed
CVE-2021-39626
was published
Jan 15, 2022
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an...
High
Unreviewed
CVE-2022-34669
was published
Dec 31, 2022
ProTip!
Advisories are also available from the
GraphQL API