Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,607
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

113 advisories

Loading
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images... Moderate Unreviewed
CVE-2004-2257 was published Apr 29, 2022
Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system... High Unreviewed
CVE-2004-2144 was published Apr 29, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.... High Unreviewed
CVE-2021-34588 was published Apr 28, 2022
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP... High Unreviewed
CVE-2022-27480 was published Apr 13, 2022
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed
CVE-2022-1077 was published Mar 30, 2022
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure... Moderate Unreviewed
CVE-2022-24385 was published Mar 15, 2022
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022... Moderate Unreviewed
CVE-2022-24932 was published Mar 11, 2022
Unsafe handling of user-specified cookies in treq Moderate
CVE-2022-23607 was published for treq (pip) Feb 1, 2022
glyph twm
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture... Moderate Unreviewed
CVE-2021-24046 was published Jan 15, 2022
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed
CVE-2021-24831 was published Jan 4, 2022
Forced Browsing in Twisted Moderate
CVE-2016-1000111 was published for twisted (pip) Apr 30, 2021
dot-prop Prototype Pollution vulnerability High
CVE-2020-8116 was published for dot-prop (npm) Jul 29, 2020
Open Redirect in url-parse Critical
CVE-2018-3774 was published for url-parse (npm) Aug 13, 2018
ProTip! Advisories are also available from the GraphQL API