GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Filter by severity

Sort by

Least recently updated

The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does... High Unreviewed

CVE-2024-48336 was published Nov 4, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50497 was published Oct 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49243 was published Oct 18, 2024

Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component... High Unreviewed

CVE-2022-49038 was published Sep 26, 2024

The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init... High Unreviewed

CVE-2024-45416 was published Sep 16, 2024

Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server... High Unreviewed

CVE-2024-43690 was published Sep 11, 2024

The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2024-8252 was published Aug 30, 2024

Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and... High Unreviewed

CVE-2023-5523 was published Oct 20, 2023

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-5762 was published Aug 21, 2024

In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the... High Unreviewed

CVE-2021-41037 was published Jul 9, 2022

An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee... High Unreviewed

CVE-2024-3043 was published Jun 27, 2024

A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link... High Unreviewed

CVE-2023-49133 was published Apr 9, 2024

A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link... High Unreviewed

CVE-2023-49134 was published Apr 9, 2024

A local file inclusion vulnerability via the lang parameter in OcoMon before v4.0.1 allows... High Unreviewed

CVE-2023-33559 was published Oct 26, 2023

There is insufficient sanitization of tainted file names that are directly concatenated with a... High Unreviewed

CVE-2023-2453 was published Sep 5, 2023

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration... High Unreviewed

CVE-2023-36609 was published Jul 3, 2023

The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request... High Unreviewed

CVE-2023-2249 was published Jun 9, 2023

Broad access controls could allow site users to directly interact with the system Apache... High Unreviewed

CVE-2022-46302 was published Apr 20, 2023

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This... High Unreviewed

CVE-2021-4229 was published May 25, 2022

PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and ... High Unreviewed

CVE-2004-0030 was published Apr 29, 2022

PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2)... High Unreviewed

CVE-2004-0285 was published Apr 29, 2022

The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0... High Unreviewed

CVE-2023-6971 was published Dec 23, 2023

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6... High Unreviewed

CVE-2023-4591 was published Nov 3, 2023

PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1. High Unreviewed

CVE-2023-2551 was published May 5, 2023

Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential... High Unreviewed

CVE-2022-41216 was published Feb 22, 2023

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

49 advisories