GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
23,508 advisories
A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC...
Critical | Unreviewed | CVE-2019-5390 was published May 24, 2022
An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an...
Critical | Unreviewed | CVE-2019-9642 was published May 24, 2022
Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.
Critical | Unreviewed | CVE-2019-9548 was published May 24, 2022
An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. An unauthenticated...
Critical | Unreviewed | CVE-2019-8385 was published May 24, 2022
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com...
Critical | Unreviewed | CVE-2018-10171 was published May 24, 2022
Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No...
Critical | Unreviewed | CVE-2019-11523 was published May 24, 2022
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4...
Critical | Unreviewed | CVE-2019-3723 was published May 24, 2022
An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and...
Critical | Unreviewed | CVE-2019-12135 was published May 24, 2022
An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET...
Critical | Unreviewed | CVE-2018-10698 was published May 24, 2022
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through...
Critical | Unreviewed | CVE-2018-20091 was published May 24, 2022
A security regression of CVE-2019-9636 was discovered in python since commit...
Critical | Unreviewed | CVE-2019-10160 was published May 24, 2022
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL...
Critical | Unreviewed | CVE-2019-12600 was published May 24, 2022
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL...
Critical | Unreviewed | CVE-2019-12598 was published May 24, 2022
SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection.
Critical | Unreviewed | CVE-2019-12599 was published May 24, 2022
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL...
Critical | Unreviewed | CVE-2019-12601 was published May 24, 2022
Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi...
Critical | Unreviewed | CVE-2019-12771 was published May 24, 2022
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with...
Critical | Unreviewed | CVE-2019-12776 was published May 24, 2022
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to...
Critical | Unreviewed | CVE-2019-2097 was published May 24, 2022
HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter.
Critical | Unreviewed | CVE-2019-9086 was published May 24, 2022
HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter.
Critical | Unreviewed | CVE-2019-9087 was published May 24, 2022
An invalid read of 8 bytes due to a use-after-free vulnerability in the...
Critical | Unreviewed | CVE-2018-20356 was published May 24, 2022
An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the...
Critical | Unreviewed | CVE-2018-20354 was published May 24, 2022
An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the...
Critical | Unreviewed | CVE-2018-20353 was published May 24, 2022
An invalid write of 8 bytes due to a use-after-free vulnerability in the...
Critical | Unreviewed | CVE-2018-20355 was published May 24, 2022
The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the...
Critical | Unreviewed | CVE-2019-12780 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.