GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,748
Maven: 5,000+
npm: 4,351
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280,428 advisories
Improper Input Validation in yargs-parser Moderate Unreviewed
GHSA-ghmj-crg5-xw2j was published Feb 15, 2022
A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka ... Moderate Unreviewed
CVE-2020-0905 was published May 24, 2022
Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an... High Unreviewed
CVE-2021-33056 was published May 24, 2022
An open redirect vulnerability exists in Nagios XI before version 5.8.5 that could lead to... Moderate Unreviewed
CVE-2021-37352 was published May 24, 2022
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0... High Unreviewed
CVE-2020-12109 was published May 24, 2022
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with... High Unreviewed
CVE-2022-42276 was published Jan 13, 2023
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject... High Unreviewed
CVE-2022-42279 was published Jan 13, 2023
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to... Moderate Unreviewed
CVE-2023-20525 was published Jan 11, 2023
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows... Moderate Unreviewed
CVE-2022-47102 was published Jan 13, 2023
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2022-3841 was published Jan 13, 2023
EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented... Critical Unreviewed
CVE-2022-39185 was published Jan 12, 2023
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by... Low Unreviewed
CVE-2020-12872 was published May 24, 2022
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject... High Unreviewed
CVE-2022-42290 was published Jan 13, 2023
NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a... High Unreviewed
CVE-2022-42273 was published Jan 13, 2023
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a... High Unreviewed
CVE-2022-42272 was published Jan 13, 2023
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0... Moderate Unreviewed
CVE-2019-9892 was published May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... Moderate Unreviewed
CVE-2022-3573 was published Jan 12, 2023
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community... Moderate Unreviewed
CVE-2019-10067 was published May 24, 2022
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to... High Unreviewed
CVE-2020-15920 was published May 24, 2022
H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation. Version 1.6 is vulnerable to privilege... High Unreviewed
CVE-2022-39182 was published Jan 12, 2023
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. Moderate Unreviewed
CVE-2019-20176 was published May 24, 2022
A vulnerability, which was classified as critical, has been found in SourceCodester Online Flight... Critical Unreviewed
CVE-2023-0245 was published Jan 12, 2023
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c... Moderate Unreviewed
CVE-2019-20096 was published May 24, 2022
A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function... Critical Unreviewed
CVE-2023-0243 was published Jan 12, 2023
ProTip! Advisories are also available from the GraphQL API