Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1293 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1291 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1294 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1289 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1290 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1292 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed
CVE-2021-1295 was published May 24, 2022
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded... High Unreviewed
CVE-2021-27770 was published May 13, 2022
An improper control of parameters allows the spoofing of the from fields of the following screens... Moderate Unreviewed
CVE-2020-1765 was published May 24, 2022
External Control of Assumed-Immutable Web Parameter in moodle Moderate
CVE-2022-30597 was published for moodle/moodle (Composer) May 19, 2022
httparty has multipart/form-data request tampering vulnerability Moderate
CVE-2024-22049 was published for httparty (RubyGems) Jan 3, 2023
motoyasu-saburi
Credited to motoyasu-saburi
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific... Moderate Unreviewed
CVE-2023-28512 was published Mar 3, 2024
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar,... Low Unreviewed
CVE-2023-24373 was published Jun 4, 2024
External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint... Moderate Unreviewed
CVE-2023-38520 was published Jun 4, 2024
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to... High Unreviewed
CVE-2024-9123 was published Sep 25, 2024
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all... Moderate Unreviewed
CVE-2024-6010 was published Sep 7, 2024
A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be... Moderate Unreviewed
CVE-2024-12123 was published Dec 4, 2024
TeamPass privileges issue Critical
CVE-2024-50703 was published for nilsteampassnet/teampass (Composer) Dec 30, 2024
Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to... High Unreviewed
CVE-2024-7025 was published Nov 27, 2024
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity... High Unreviewed
CVE-2025-22384 was published Jan 4, 2025
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to... High Unreviewed
CVE-2025-0436 was published Jan 15, 2025
Duplicate Advisory: httparty has multipart/form-data request tampering vulnerability Moderate
GHSA-g47j-3m2m-74qv was published for httparty (RubyGems) Jan 4, 2024 withdrawn
In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation... Low Unreviewed
CVE-2025-27893 was published Mar 11, 2025
SendQuick Entera devices before 11HF5 are vulnerable to CAPTCHA bypass via the captcha parameter Moderate Unreviewed
CVE-2025-26312 was published Mar 14, 2025
Sylius PayPal Plugin Payment Amount Manipulation Vulnerability Moderate
CVE-2025-29788 was published for sylius/paypal-plugin (Composer) Mar 17, 2025
migo315
Credited to migo315
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database