GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,785
Erlang: 36
GitHub Actions: 29
Go: 2,359
Maven: 5,000+
npm: 3,980
NuGet: 720
pip: 3,778
Pub: 12
RubyGems: 924
Rust: 981
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
503 advisories
ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user...
High | Unreviewed | CVE-2023-25719 was published Feb 13, 2023

A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0...
High | Unreviewed | CVE-2025-47867 was published Jun 17, 2025

A vulnerability classified as critical was found in FLIR AX8 up to 1.46.16. This vulnerability...
High | Unreviewed | CVE-2025-5126 was published May 24, 2025

XStream is vulnerable to a Remote Command Execution attack
High | CVE-2021-29505 was published for com.thoughtworks.xstream:xstream (Maven) May 18, 2021

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16...
High | Unreviewed | CVE-2025-0528 was published Jan 17, 2025

Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options....
High | Unreviewed | CVE-2022-37027 was published Sep 22, 2022

A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0...
High | Unreviewed | CVE-2023-1059 was published Feb 27, 2023

A vulnerability, which was classified as critical, has been found in SourceCodester Doctors...
High | Unreviewed | CVE-2023-1061 was published Feb 27, 2023

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4...
High | Unreviewed | CVE-2022-2992 was published Oct 17, 2022

Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code Execution
High | CVE-2020-13445 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022

Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all...
High | Unreviewed | CVE-2022-3060 was published Oct 17, 2022

A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This...
High | Unreviewed | CVE-2025-4349 was published May 6, 2025

A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This...
High | Unreviewed | CVE-2025-4350 was published May 6, 2025

Account Takeover Through Password Reset Poisoning
High | CVE-2022-33012 was published for microweber/microweber (Composer) Nov 22, 2022

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and...
High | Unreviewed | CVE-2022-35507 was published Dec 4, 2022

Apache Struts forced double OGNL evaluation
High | CVE-2016-4461 was published for org.apache.struts:struts2-core (Maven) May 14, 2022

Two potential audit log injections in SAP HANA extended application services 1.0, advanced model:...
High | Unreviewed | CVE-2017-16680 was published May 14, 2022

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program...
High | Unreviewed | CVE-2017-17523 was published May 14, 2022

sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the...
High | Unreviewed | CVE-2017-17512 was published May 14, 2022

The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary ...
High | Unreviewed | CVE-2015-4075 was published May 13, 2022

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An ...
High | Unreviewed | CVE-2017-6031 was published May 13, 2022

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by...
High | Unreviewed | CVE-2017-7703 was published May 14, 2022

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ...
High | Unreviewed | CVE-2017-3547 was published May 13, 2022

AXIS Communications products with firmware through 5.80.x allow remote attackers to modify...
High | Unreviewed | CVE-2015-8258 was published May 17, 2022

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to...
High | Unreviewed | CVE-2017-6971 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API