GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,992
Erlang: 29
GitHub Actions: 16
Go: 1,782
Maven: 5,000+
npm: 3,544
NuGet: 619
pip: 3,134
Pub: 10
RubyGems: 838
Rust: 795
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
22,106 advisories
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical | Unreviewed | CVE-2021-29076 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical | Unreviewed | CVE-2021-29077 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
Critical | Unreviewed | CVE-2021-29071 was published May 24, 2022

Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2,...
Critical | Unreviewed | CVE-2021-29067 was published May 24, 2022

Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.17...
Critical | Unreviewed | CVE-2021-29066 was published May 24, 2022

NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass.
Critical | Unreviewed | CVE-2021-29065 was published May 24, 2022

The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API...
Critical | Unreviewed | CVE-2021-23274 was published May 24, 2022

Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use...
Critical | Unreviewed | CVE-2021-26295 was published May 24, 2022

SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and...
Critical | Unreviewed | CVE-2020-13963 was published May 24, 2022

Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a...
Critical | Unreviewed | CVE-2021-26990 was published May 24, 2022

The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows itrk-api.php...
Critical | Unreviewed | CVE-2020-6577 was published May 24, 2022

The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck...
Critical | Unreviewed | CVE-2021-28794 was published May 24, 2022

A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an...
Critical | Unreviewed | CVE-2021-24148 was published May 24, 2022

Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1...
Critical | Unreviewed | CVE-2021-24139 was published May 24, 2022

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an...
Critical | Unreviewed | CVE-2020-14516 was published May 24, 2022

HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute...
Critical | Unreviewed | CVE-2021-22848 was published May 24, 2022

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto,...
Critical | Unreviewed | CVE-2020-11299 was published May 24, 2022

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size...
Critical | Unreviewed | CVE-2020-11227 was published May 24, 2022

Buffer over read while processing MT SMS with maximum length due to improper length check in...
Critical | Unreviewed | CVE-2020-11222 was published May 24, 2022

Out of bound write while parsing SDP string due to missing check on null termination in...
Critical | Unreviewed | CVE-2020-11192 was published May 24, 2022

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination...
Critical | Unreviewed | CVE-2020-11189 was published May 24, 2022

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination...
Critical | Unreviewed | CVE-2020-11190 was published May 24, 2022

Potential out of bound read exception when UE receives unusually large number of padding octets...
Critical | Unreviewed | CVE-2020-11166 was published May 24, 2022

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination...
Critical | Unreviewed | CVE-2020-11171 was published May 24, 2022

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination...
Critical | Unreviewed | CVE-2020-11188 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.