GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
52 advisories
Filter by severity
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar...
Moderate
Unreviewed
CVE-2022-0377
was published
Mar 1, 2022
The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form...
Moderate
Unreviewed
CVE-2022-0593
was published
Mar 15, 2022
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to...
Moderate
Unreviewed
CVE-2021-24966
was published
Mar 15, 2022
The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported...
Moderate
Unreviewed
CVE-2022-0246
was published
Apr 12, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2021-27250
was published
May 24, 2022
A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of...
Moderate
Unreviewed
CVE-2022-34765
was published
Jul 14, 2022
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6...
Moderate
Unreviewed
CVE-2022-28710
was published
Aug 23, 2022
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of...
Moderate
Unreviewed
CVE-2022-32761
was published
Aug 23, 2022
The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be...
Moderate
Unreviewed
CVE-2022-2638
was published
Aug 29, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary...
Moderate
Unreviewed
CVE-2022-2943
was published
Sep 7, 2022
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an...
Moderate
Unreviewed
CVE-2023-0003
was published
Feb 8, 2023
The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in...
Moderate
Unreviewed
CVE-2021-4332
was published
Mar 7, 2023
A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0...
Moderate
Unreviewed
CVE-2023-2152
was published
Apr 18, 2023
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
Moderate
Unreviewed
CVE-2023-0008
was published
May 10, 2023
A vulnerability, which was classified as critical, has been found in SourceCodester Resort...
Moderate
Unreviewed
CVE-2023-4191
was published
Aug 7, 2023
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2023-20234
was published
Aug 23, 2023
A vulnerability, which was classified as critical, was found in SourceCodester Inventory...
Moderate
Unreviewed
CVE-2023-4749
was published
Sep 4, 2023
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software...
Moderate
Unreviewed
CVE-2023-20114
was published
Nov 1, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user...
Moderate
Unreviewed
CVE-2023-34982
was published
Nov 15, 2023
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been...
Moderate
Unreviewed
CVE-2023-6618
was published
Dec 8, 2023
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-0265
was published
Jan 7, 2024
An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path...
Moderate
Unreviewed
CVE-2023-47171
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49863
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49862
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49864
was published
Jan 10, 2024
ProTip!
Advisories are also available from the
GraphQL API