GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed 5,000+
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,000+
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38
Unreviewed advisories
All unreviewed 5,000+
24,636 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-1723 was published Apr 17, 2023
jeecg-boot vulnerable to SQL injection
Critical
CVE-2023-1741 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 31, 2023
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused...
Critical
Unreviewed
CVE-2023-27286 was published Apr 2, 2023
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused...
Critical
Unreviewed
CVE-2023-27284 was published Apr 2, 2023
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and...
Critical
Unreviewed
CVE-2022-45460 was published Mar 29, 2023
safe-eval vulnerable to Prototype Pollution via the safeEval function
Critical
CVE-2023-26121 was published for safe-eval (npm) Apr 11, 2023
Apache Airflow Hive Provider vulnerable to code injection
Critical
CVE-2023-28706 was published for apache-airflow-providers-apache-hive (pip) Apr 7, 2023
Apache Kylin vulnerable to Command injection by Diagnosis Controller
Critical
CVE-2022-44621 was published for org.apache.kylin:kylin-server-base (Maven) Dec 30, 2022
Read of uninitialized memory in cdr
Critical
CVE-2021-26305 was published for cdr (Rust) Aug 25, 2021
Command Injection in node-windows
Critical
CVE-2021-45459 was published for node-windows (npm) Jan 5, 2022
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-1863 was published Apr 14, 2023
SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate...
Critical
Unreviewed
CVE-2023-26858 was published Mar 31, 2023
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical
Unreviewed
CVE-2022-36983 was published Mar 29, 2023
A vulnerability has been found in SourceCodester Simple Task Allocation System 1.0 and classified...
Critical
Unreviewed
CVE-2023-1791 was published Apr 2, 2023
AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being...
Critical
Unreviewed
CVE-2023-28731 was published Mar 30, 2023
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file...
Critical
Unreviewed
CVE-2022-47190 was published Apr 1, 2023
The web configuration service of the affected device contains an authenticated command injection...
Critical
Unreviewed
CVE-2023-0432 was published Mar 31, 2023
Generex UPS CS141 below 2.06 version, allows an attacker to upload a firmware file containing an...
Critical
Unreviewed
CVE-2022-47189 was published Apr 1, 2023
A vulnerability was found in SourceCodester Simple Mobile Comparison Website 1.0 and classified...
Critical
Unreviewed
CVE-2023-1792 was published Apr 2, 2023
A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability...
Critical
Unreviewed
CVE-2023-1773 was published Mar 31, 2023
RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147...
Critical
Unreviewed
CVE-2022-44877 was published Jan 6, 2023
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the...
Critical
Unreviewed
CVE-2023-25210 was published Apr 7, 2023
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the...
Critical
Unreviewed
CVE-2023-25216 was published Apr 7, 2023
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the...
Critical
Unreviewed
CVE-2023-25215 was published Apr 7, 2023
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the...
Critical
Unreviewed
CVE-2023-25217 was published Apr 7, 2023
ProTip! Advisories are also available from the GraphQL API