GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,495

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

22,993 advisories

Filter by severity

Sort by

Least recently updated

A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in... Critical Unreviewed

CVE-2021-39306 was published Dec 23, 2021

The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be... Critical Unreviewed

CVE-2021-45253 was published Dec 22, 2021

Stormshield Endpoint Security before 2.1.2 allows remote code execution. Critical Unreviewed

CVE-2021-45090 was published Dec 22, 2021

Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could... Critical Unreviewed

CVE-2021-36336 was published Dec 22, 2021

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost... Critical Unreviewed

CVE-2016-10243 was published May 17, 2022

Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize... Critical Unreviewed

CVE-2017-1002020 was published May 17, 2022

SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute... Critical Unreviewed

CVE-2017-12776 was published May 17, 2022

EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could... Critical Unreviewed

CVE-2017-8015 was published May 17, 2022

elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU... Critical Unreviewed

CVE-2017-7614 was published May 17, 2022

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in... Critical Unreviewed

CVE-2017-1002014 was published May 17, 2022

Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in .... Critical Unreviewed

CVE-2017-1002028 was published May 17, 2022

Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't... Critical Unreviewed

CVE-2017-1002027 was published May 17, 2022

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy... Critical Unreviewed

CVE-2022-23663 was published May 17, 2022

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in... Critical Unreviewed

CVE-2017-1002015 was published May 17, 2022

Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability. Critical Unreviewed

CVE-2022-37968 was published Oct 12, 2022

Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption... Critical Unreviewed

CVE-2017-3086 was published May 17, 2022

Chain Sea ai chatbot system’s file upload function has insufficient filtering for special... Critical Unreviewed

CVE-2021-44164 was published Dec 21, 2021

In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square... Critical Unreviewed

CVE-2017-14396 was published May 17, 2022

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in... Critical Unreviewed

CVE-2021-43033 was published Dec 7, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the... Critical Unreviewed

CVE-2021-43036 was published Dec 7, 2021

4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker... Critical Unreviewed

CVE-2021-44159 was published Dec 21, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated... Critical Unreviewed

CVE-2021-43035 was published Dec 7, 2021

The d8s-json package for Python, as distributed on PyPI, included a potential code-execution... Critical Unreviewed

CVE-2022-41382 was published Oct 12, 2022

The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution... Critical Unreviewed

CVE-2022-41383 was published Oct 12, 2022

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3... Critical Unreviewed

CVE-2015-5206 was published May 17, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,993 advisories