GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

21,750 advisories

Filter by severity

Sort by

Least recently updated

PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through... Critical Unreviewed

CVE-2020-16629 was published May 24, 2022

CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a... Critical Unreviewed

CVE-2021-3122 was published May 24, 2022

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with... Critical Unreviewed

CVE-2021-20623 was published May 24, 2022

SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execute arbitrary code due to a... Critical Unreviewed

CVE-2020-18717 was published May 24, 2022

SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering... Critical Unreviewed

CVE-2020-18716 was published May 24, 2022

An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort()... Critical Unreviewed

CVE-2020-10539 was published May 24, 2022

Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted... Critical Unreviewed

CVE-2020-10857 was published May 24, 2022

SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering... Critical Unreviewed

CVE-2020-18713 was published May 24, 2022

SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering... Critical Unreviewed

CVE-2020-18714 was published May 24, 2022

Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another... Critical Unreviewed

CVE-2021-3401 was published May 24, 2022

An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric... Critical Unreviewed

CVE-2021-26688 was published May 24, 2022

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The... Critical Unreviewed

CVE-2021-26689 was published May 24, 2022

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In... Critical Unreviewed

CVE-2021-26687 was published May 24, 2022

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote... Critical Unreviewed

CVE-2021-20016 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1295 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1292 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1293 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1291 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1294 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1290 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,... Critical Unreviewed

CVE-2021-1289 was published May 24, 2022

HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that... Critical Unreviewed

CVE-2020-14245 was published May 24, 2022

The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message... Critical Unreviewed

CVE-2021-25274 was published May 24, 2022

In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible,... Critical Unreviewed

CVE-2021-25770 was published May 24, 2022

In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace... Critical Unreviewed

CVE-2021-25758 was published May 24, 2022

Previous 1 2 … 393 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,750 advisories