Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

37 advisories

Loading
ws-scrcpy is vulnerable to External Control of File Name or Path High Unreviewed
CVE-2021-3845 was published Jan 5, 2022
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up... High Unreviewed
CVE-2022-2431 was published Sep 7, 2022
External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. High Unreviewed
CVE-2023-1105 was published Mar 1, 2023
A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This... High Unreviewed
CVE-2023-3643 was published Jul 12, 2023
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. High Unreviewed
CVE-2023-2554 was published May 5, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-35985 was published Nov 27, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.... High Unreviewed
CVE-2023-39542 was published Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-40194 was published Nov 27, 2023
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple... High Unreviewed
CVE-2023-5247 was published Nov 30, 2023
An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN... High Unreviewed
CVE-2023-49738 was published Jan 10, 2024
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of... High Unreviewed
CVE-2023-3256 was published Jun 22, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42733 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42732 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42891 was published Jul 6, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42893 was published Jul 6, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open... High Unreviewed
CVE-2023-32615 was published Sep 5, 2023
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in... High Unreviewed
CVE-2023-36634 was published Sep 13, 2023
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated... High Unreviewed
CVE-2023-43074 was published Oct 23, 2023
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... High Unreviewed
CVE-2022-43513 was published Jan 10, 2023
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3... High Unreviewed
CVE-2024-31492 was published Apr 10, 2024
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed
CVE-2022-42734 was published Jul 6, 2023
Windows HTML Platforms Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-20652 was published Jan 9, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed
CVE-2024-27944 was published May 14, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed
CVE-2024-27943 was published May 14, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import... High Unreviewed
CVE-2024-27945 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database