GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,537
Composer 4,454
Erlang 33
GitHub Actions 22
Go 2,153
Maven 5,330
npm 3,818
NuGet 693
pip 3,492
Pub 12
RubyGems 902
Rust 903
Swift 38

Unreviewed advisories

All unreviewed 247,010

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

38 advisories

Filter by severity

Sort by

Least recently updated

Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file inclusion vulnerability via... Moderate Unreviewed

CVE-2024-57785 was published Jan 17, 2025

An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online... Moderate Unreviewed

CVE-2024-55058 was published Dec 17, 2024

The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all... High Unreviewed

CVE-2024-4887 was published Jun 7, 2024

Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2023-42125 was published May 3, 2024

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model... Critical Unreviewed

CVE-2023-31814 was published May 23, 2023

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of... Critical Unreviewed

CVE-2022-30257 was published Nov 22, 2022

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of... Critical Unreviewed

CVE-2022-30258 was published Nov 22, 2022

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary... Moderate Unreviewed

CVE-2022-30621 was published Jul 19, 2022

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when... High Unreviewed

CVE-2022-27778 was published Jun 3, 2022

The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR)... Moderate Unreviewed

CVE-2021-37215 was published May 24, 2022

The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37213 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API... Critical Unreviewed

CVE-2021-40539 was published May 24, 2022

The bulletin function of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37212 was published May 24, 2022

The employee management page of Flygo contains Insecure Direct Object Reference (IDOR)... High Unreviewed

CVE-2021-37214 was published May 24, 2022

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse,... High Unreviewed

CVE-2021-22924 was published May 24, 2022

CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink()... Critical Unreviewed

CVE-2021-37144 was published May 24, 2022

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2021-35337 was published May 24, 2022

Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations,... Moderate Unreviewed

CVE-2021-32054 was published May 24, 2022

The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the... Moderate Unreviewed

CVE-2020-4719 was published May 24, 2022

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An... Moderate Unreviewed

CVE-2020-35566 was published May 24, 2022

MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10... High Unreviewed

CVE-2020-15505 was published May 24, 2022

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles... High Unreviewed

CVE-2020-12278 was published May 24, 2022

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles... High Unreviewed

CVE-2020-12279 was published May 24, 2022

An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't... Critical Unreviewed

CVE-2020-10574 was published May 24, 2022

The Java API in Generalitat de Catalunya accesuniversitat.gencat.cat 1.7.5 allows remote... Moderate Unreviewed

CVE-2019-12837 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

38 advisories