GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
Filter by severity
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts...
High
Unreviewed
CVE-2022-25485
was published
Mar 16, 2022
Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by...
High
Unreviewed
CVE-2018-12120
was published
May 13, 2022
Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated...
High
Unreviewed
CVE-2022-30244
was published
Jul 16, 2022
Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from...
High
Unreviewed
CVE-2022-30243
was published
Jul 16, 2022
Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64...
High
Unreviewed
CVE-2022-33317
was published
Jul 21, 2022
Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the...
High
Unreviewed
CVE-2022-34121
was published
Jul 28, 2022
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library)...
High
Unreviewed
CVE-2021-20443
was published
May 24, 2022
Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212...
High
Unreviewed
CVE-2021-30507
was published
May 24, 2022
Local file inclusion exists in Kaseya VSA before 9.5.6.
High
Unreviewed
CVE-2021-30121
was published
May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged...
High
Unreviewed
CVE-2021-34692
was published
May 24, 2022
NVIDIA DCGM contains a vulnerability in the DIAG module where any user can inject shared...
High
Unreviewed
CVE-2021-34398
was published
May 24, 2022
The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the...
High
Unreviewed
CVE-2021-38360
was published
May 24, 2022
In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the...
High
Unreviewed
CVE-2021-33626
was published
May 24, 2022
SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included...
High
Unreviewed
CVE-2021-41569
was published
May 24, 2022
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts...
High
Unreviewed
CVE-2022-25486
was published
Mar 16, 2022
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a...
High
Unreviewed
CVE-2019-9829
was published
May 13, 2022
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42133
was published
Dec 8, 2021
A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos...
High
Unreviewed
CVE-2022-22246
was published
Oct 18, 2022
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could...
High
Unreviewed
CVE-2017-14095
was published
May 13, 2022
MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance ->...
High
Unreviewed
CVE-2018-1000502
was published
May 13, 2022
playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.
High
Unreviewed
CVE-2018-18387
was published
May 13, 2022
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that...
High
Unreviewed
CVE-2021-41841
was published
Feb 10, 2022
A local file inclusion in Hospital Patient Record Management System v1.0 allows attackers to...
High
Unreviewed
CVE-2022-24232
was published
Feb 25, 2022
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows...
High
Unreviewed
CVE-2022-30037
was published
Mar 23, 2023
Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential...
High
Unreviewed
CVE-2022-41216
was published
Feb 22, 2023
ProTip!
Advisories are also available from the
GraphQL API