Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,489
Maven
5,000+
npm
4,105
NuGet
735
pip
3,927
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,413 advisories

Loading
CandidATS version 3.0.0 allows an external attacker to perform CRUD operations on the application... Critical Unreviewed
CVE-2022-42744 was published Nov 4, 2022
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote... Critical Unreviewed
CVE-2022-22425 was published Nov 4, 2022
** UNSUPPPORTED WHEN ASSIGNED **Broken Access Control in User Authentication in Avaya Scopia... Critical Unreviewed
CVE-2022-38168 was published Nov 4, 2022
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function... Critical Unreviewed
CVE-2022-43109 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime... Critical Unreviewed
CVE-2022-43106 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter... Critical Unreviewed
CVE-2022-43101 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in... Critical Unreviewed
CVE-2022-43107 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn... Critical Unreviewed
CVE-2022-43108 was published Nov 3, 2022
MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter. Critical Unreviewed
CVE-2020-22820 was published Nov 3, 2022
MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter. Critical Unreviewed
CVE-2020-22818 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter... Critical Unreviewed
CVE-2022-43102 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto... Critical Unreviewed
CVE-2022-43104 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in... Critical Unreviewed
CVE-2022-43103 was published Nov 3, 2022
MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter. Critical Unreviewed
CVE-2020-22819 was published Nov 3, 2022
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed... Critical Unreviewed
CVE-2022-43105 was published Nov 3, 2022
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all... Critical Unreviewed
CVE-2022-38381 was published Nov 2, 2022
Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to... Critical Unreviewed
CVE-2022-3575 was published Nov 2, 2022
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier... Critical Unreviewed
CVE-2022-24936 was published Nov 2, 2022
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in... Critical Unreviewed
CVE-2022-42808 was published Nov 2, 2022
A certificate validation issue existed in the handling of WKWebView. This issue was addressed... Critical Unreviewed
CVE-2022-42813 was published Nov 2, 2022
The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS... Critical Unreviewed
CVE-2022-32941 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware... Critical Unreviewed
CVE-2022-27585 was published Nov 2, 2022
Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber 1078787 allows an... Critical Unreviewed
CVE-2022-27582 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version < 2.0.0... Critical Unreviewed
CVE-2022-27586 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an... Critical Unreviewed
CVE-2022-27584 was published Nov 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database