Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,638
Erlang
34
GitHub Actions
26
Go
2,249
Maven
5,000+
npm
3,903
NuGet
702
pip
3,671
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

252,913 advisories

Loading
Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection. Critical Unreviewed
CVE-2022-46072 was published Dec 14, 2022
Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated... High Unreviewed
CVE-2022-46074 was published Dec 14, 2022
Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS). Moderate Unreviewed
CVE-2022-46073 was published Dec 14, 2022
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability... Critical Unreviewed
CVE-2022-46071 was published Dec 14, 2022
A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as... Moderate Unreviewed
CVE-2025-3855 was published Apr 22, 2025
An improper privilege management vulnerability in the recovery function of the USG FLEX H series... Moderate Unreviewed
CVE-2025-1732 was published Apr 22, 2025
A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-3856 was published Apr 22, 2025
An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H... High Unreviewed
CVE-2025-1731 was published Apr 22, 2025
**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of... Moderate Unreviewed
CVE-2025-3577 was published Apr 22, 2025
A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006.... High Unreviewed
CVE-2025-3854 was published Apr 22, 2025
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges. Critical Unreviewed
CVE-2024-58250 was published Apr 22, 2025
A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue... Moderate Unreviewed
CVE-2025-3850 was published Apr 22, 2025
Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at ... High Unreviewed
CVE-2022-44910 was published Dec 14, 2022
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE... Moderate Unreviewed
CVE-2022-46350 was published Dec 13, 2022
A vulnerability was found in panhainan DS-Java 1.0. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-3843 was published Apr 22, 2025
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0.... Moderate Unreviewed
CVE-2025-3849 was published Apr 22, 2025
A vulnerability was found in markparticle WebServer up to 1.0. It has been declared as critical.... Moderate Unreviewed
CVE-2025-3845 was published Apr 22, 2025
IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may... Low Unreviewed
CVE-2025-2987 was published Apr 22, 2025
A vulnerability was found in markparticle WebServer up to 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2025-3846 was published Apr 22, 2025
A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. This... Moderate Unreviewed
CVE-2025-3847 was published Apr 22, 2025
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2025-29450 was published Apr 17, 2025
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2025-29449 was published Apr 17, 2025
Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code... Critical Unreviewed
CVE-2022-46997 was published Dec 14, 2022
vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code... Critical Unreviewed
CVE-2022-46996 was published Dec 14, 2022
An issue existed with the file paths used to store website data. The issue was resolved by... Moderate Unreviewed
CVE-2022-32833 was published Dec 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database