Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed
CVE-2022-2431 was published Sep 7, 2022
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the... High Unreviewed
CVE-2021-27406 was published Oct 14, 2022
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below,... High Unreviewed
CVE-2021-43066 was published May 12, 2022
ExternalName Services can be used to gain access to Envoy's admin interface High
CVE-2021-32783 was published for github.com/projectcontour/contour (Go) Aug 30, 2021
josh-ferrell
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to... High Unreviewed
CVE-2021-1003 was published Dec 16, 2021
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote... High Unreviewed
CVE-2019-3996 was published May 24, 2022
In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the... High Unreviewed
CVE-2018-9582 was published May 13, 2022
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an... High Unreviewed
CVE-2022-34669 was published Dec 31, 2022
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to... High Unreviewed
CVE-2021-1035 was published Jan 15, 2022
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due... High Unreviewed
CVE-2021-39626 was published Jan 15, 2022
In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused... High Unreviewed
CVE-2021-39668 was published Feb 12, 2022
In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a... High Unreviewed
CVE-2021-39663 was published Feb 12, 2022
Password vault has a External Control of System or Configuration Setting vulnerability.Successful... High Unreviewed
CVE-2021-39971 was published Jan 4, 2022
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-40194 was published Nov 27, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.... High Unreviewed
CVE-2023-39542 was published Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-35985 was published Nov 27, 2023
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple... High Unreviewed
CVE-2023-5247 was published Nov 30, 2023
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and... High Unreviewed
CVE-2022-2633 was published Sep 7, 2022
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register... High Unreviewed
CVE-2023-22616 was published Apr 12, 2023
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a... High Unreviewed
CVE-2023-21097 was published Apr 19, 2023
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of... High Unreviewed
CVE-2023-3256 was published Jun 22, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42733 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42732 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42891 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42893 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database