GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,405
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,641
Pub: 13
RubyGems: 1,026
Rust: 1,209
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,562 advisories
The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in...
Critical | Unreviewed | CVE-2020-36718 was published Jun 7, 2023

The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2019-25138 was published Jun 7, 2023

The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2016-15033 was published Jun 7, 2023

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection...
Critical | Unreviewed | CVE-2023-30400 was published Jun 7, 2023

In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in...
Critical | Unreviewed | CVE-2023-34409 was published Jun 6, 2023

PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.
Critical | Unreviewed | CVE-2023-29632 was published Jun 6, 2023

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0...
Critical | Unreviewed | CVE-2023-33532 was published Jun 6, 2023

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the...
Critical | Unreviewed | CVE-2023-31569 was published Jun 6, 2023

In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability...
Critical | Unreviewed | CVE-2023-32540 was published Jun 6, 2023

In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file upload...
Critical | Unreviewed | CVE-2023-32628 was published Jun 6, 2023

PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php.
Critical | Unreviewed | CVE-2023-29630 was published Jun 5, 2023

PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php.
Critical | Unreviewed | CVE-2023-29629 was published Jun 5, 2023

PrestaShop jmsslider 1.6.0 is vulnerable to Incorrect Access Control via ajax_jmsslider.php.
Critical | Unreviewed | CVE-2023-29631 was published Jun 5, 2023

MarsCTF 1.2.1 has an arbitrary file upload vulnerability in the interface for uploading...
Critical | Unreviewed | CVE-2023-33386 was published Jun 5, 2023

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows...
Critical | Unreviewed | CVE-2023-3065 was published Jun 5, 2023

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication...
Critical | Unreviewed | CVE-2023-2781 was published Jun 3, 2023

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in...
Critical | Unreviewed | CVE-2023-33670 was published Jun 2, 2023

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter...
Critical | Unreviewed | CVE-2023-33671 was published Jun 2, 2023

eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2023-33762 was published Jun 2, 2023

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in...
Critical | Unreviewed | CVE-2023-33675 was published Jun 2, 2023

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter...
Critical | Unreviewed | CVE-2023-33669 was published Jun 2, 2023

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn...
Critical | Unreviewed | CVE-2023-33673 was published Jun 2, 2023

SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for...
Critical | Unreviewed | CVE-2023-30149 was published Jun 2, 2023

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022...
Critical | Unreviewed | CVE-2023-34362 was published Jun 2, 2023

ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 are vulnerable to Buffer Overflow. The...
Critical | Unreviewed | CVE-2023-33476 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API.