Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,782
Erlang
36
GitHub Actions
29
Go
2,346
Maven
5,000+
npm
3,976
NuGet
720
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
The Front End User Registration extension for TYPO3 (sr_feuser_register) allows Insecure Direct Object Reference High
CVE-2025-48205 was published for sjbr/sr-feuser-register (Composer) May 21, 2025
The Backup Plus extension for TYPO3 (ns_backup) has a Predictable Resource Location High
CVE-2025-48201 was published for nitsan/ns-backup (Composer) May 21, 2025
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN... High Unreviewed
CVE-2022-36158 was published Sep 27, 2022
A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get... High Unreviewed
CVE-2022-42238 was published Oct 11, 2022
Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive... High Unreviewed
CVE-2022-42953 was published Dec 25, 2022
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via ... High Unreviewed
CVE-2025-32367 was published Apr 11, 2025
Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system... High Unreviewed
CVE-2004-2144 was published Apr 29, 2022
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1... High Unreviewed
CVE-2022-47700 was published Jan 31, 2023
dot-prop Prototype Pollution vulnerability High
CVE-2020-8116 was published for dot-prop (npm) Jul 29, 2020
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache... High Unreviewed
CVE-2024-45195 was published Sep 4, 2024
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of... High Unreviewed
CVE-2020-10181 was published May 24, 2022
Unsafe handling of user-specified cookies in treq High
CVE-2022-23607 was published for treq (pip) Feb 1, 2022
glyph twm
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information ... High Unreviewed
CVE-2018-16060 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39868 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39867 was published Jul 9, 2024
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users... High Unreviewed
CVE-2005-1654 was published May 1, 2022
D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as... High Unreviewed
CVE-2005-1827 was published May 1, 2022
YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to... High Unreviewed
CVE-2005-1668 was published May 1, 2022
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct... High Unreviewed
CVE-2005-1685 was published May 1, 2022
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed
CVE-2021-24831 was published Jan 4, 2022
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP... High Unreviewed
CVE-2022-27480 was published Apr 13, 2022
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed
CVE-2022-1077 was published Mar 30, 2022
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed
CVE-2023-1682 was published Mar 29, 2023
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or... High Unreviewed
CVE-2019-14347 was published May 24, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,... High Unreviewed
CVE-2018-7526 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database