GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,780
Erlang: 36
GitHub Actions: 29
Go: 2,343
Maven: 5,000+
npm: 3,973
NuGet: 719
pip: 3,770
Pub: 12
RubyGems: 923
Rust: 978
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
25,946 advisories
In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the...
Critical | Unreviewed | CVE-2022-3485 was published Dec 12, 2022

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not...
Critical | Unreviewed | CVE-2022-46908 was published Dec 12, 2022

A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by...
Critical | Unreviewed | CVE-2022-4399 was published Dec 11, 2022

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package...
Critical | Unreviewed | CVE-2022-45145 was published Dec 10, 2022

Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the...
Critical | Unreviewed | CVE-2022-45290 was published Dec 9, 2022

A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400...
Critical | Unreviewed | CVE-2022-4390 was published Dec 9, 2022

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background...
Critical | Unreviewed | CVE-2022-4170 was published Dec 9, 2022

Mingsoft MCMS vulnerable to SQL Injection
Critical | CVE-2022-4375 was published for net.mingsoft:ms-mcms (Maven) Dec 9, 2022

A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier...
Critical | Unreviewed | CVE-2022-33186 was published Dec 9, 2022

Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full...
Critical | Unreviewed | CVE-2022-44938 was published Dec 8, 2022

Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2022-45506 was published Dec 8, 2022

Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at...
Critical | Unreviewed | CVE-2022-45499 was published Dec 8, 2022

Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the...
Critical | Unreviewed | CVE-2022-45497 was published Dec 8, 2022

A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16....
Critical | Unreviewed | CVE-2022-4364 was published Dec 8, 2022

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected...
Critical | Unreviewed | CVE-2022-4353 was published Dec 8, 2022

A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by...
Critical | Unreviewed | CVE-2022-4354 was published Dec 8, 2022

The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap...
Critical | Unreviewed | CVE-2022-4291 was published Dec 8, 2022

AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
Critical | Unreviewed | CVE-2022-45550 was published Dec 7, 2022

Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin...
Critical | Unreviewed | CVE-2022-44351 was published Dec 7, 2022

hope-boot 1.0.0 has a deserialization vulnerability that can cause Remote Code Execution (RCE).
Critical | Unreviewed | CVE-2022-44371 was published Dec 7, 2022

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version 1.7.4...
Critical | Unreviewed | CVE-2022-42458 was published Dec 7, 2022

PaddlePaddle vulnerable to Code Injection
Critical | CVE-2022-46742 was published for paddlepaddle (pip) Dec 7, 2022

PaddlePaddle Out-of-bounds Read vulnerability
Critical | CVE-2022-46741 was published for paddlepaddle (pip) Dec 7, 2022

Guests can trigger NIC interface reset/abort/crash via netback. It is possible for a guest to...
Critical | Unreviewed | CVE-2022-3643 was published Dec 7, 2022

Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a...
Critical | Unreviewed | CVE-2022-45025 was published Dec 7, 2022

ProTip! Advisories are also available from the GraphQL API.