GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,575
Composer 3,992
Erlang 29
GitHub Actions 16
Go 1,782
Maven 5,014
npm 3,544
NuGet 619
pip 3,134
Pub 10
RubyGems 838
Rust 795
Swift 34

Unreviewed advisories

All unreviewed 223,690

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

22,106 advisories

Filter by severity

Sort by

Least recently updated

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination... Critical Unreviewed

CVE-2020-11188 was published May 24, 2022

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework... Critical Unreviewed

CVE-2021-26987 was published May 24, 2022

The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,... Critical Unreviewed

CVE-2020-28899 was published May 24, 2022

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote... Critical Unreviewed

CVE-2020-24264 was published May 24, 2022

ShopXO RCE Vulnerability Critical

CVE-2021-27817 was published for shopxo/shopxo (Composer) May 24, 2022

DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On... Critical Unreviewed

CVE-2020-35358 was published May 24, 2022

myDBR 5.8.3/4262 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary... Critical Unreviewed

CVE-2020-28149 was published May 24, 2022

A SQL injection vulnerability in zzzphp v1.8.0 through /form/index.php?module=getjson may lead to... Critical Unreviewed

CVE-2020-24877 was published May 24, 2022

Fix a use-after-free bug in diesels Sqlite backend Critical

CVE-2021-28305 was published for diesel (Rust) May 24, 2022

Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM)... Critical Unreviewed

CVE-2021-27646 was published May 24, 2022

Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM... Critical Unreviewed

CVE-2021-27647 was published May 24, 2022

A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead... Critical Unreviewed

CVE-2021-20231 was published May 24, 2022

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext... Critical Unreviewed

CVE-2021-20232 was published May 24, 2022

** DISPUTED ** Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access.... Critical Unreviewed

CVE-2021-28154 was published May 24, 2022

Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC... Critical Unreviewed

CVE-2021-28134 was published May 24, 2022

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution... Critical Unreviewed

CVE-2021-28132 was published May 24, 2022

An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows... Critical Unreviewed

CVE-2021-28141 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26895 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26893 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26897 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26894 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26893,... Critical Unreviewed

CVE-2021-26877 was published May 24, 2022

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability... Critical Unreviewed

CVE-2021-22714 was published May 24, 2022

When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of... Critical Unreviewed

CVE-2020-1900 was published May 24, 2022

The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2020-29045 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,106 advisories