GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,737 advisories
Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper...
Critical · Unreviewed · CVE-2020-20287 was published May 24, 2022
SQL injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of...
Critical · Unreviewed · CVE-2020-20289 was published May 24, 2022
An issue was found in CMSWing project version 1.3.8. Because the rechargeAction function does not...
Critical · Unreviewed · CVE-2020-20296 was published May 24, 2022
SQL injection vulnerability in koa2-blog 1.0.0 allows remote attackers to inject a malicious...
Critical · Unreviewed · CVE-2020-21180 was published May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication...
Critical · Unreviewed · CVE-2020-15835 was published May 24, 2022
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not...
Critical · Unreviewed · CVE-2020-20295 was published May 24, 2022
SQL injection vulnerability in koa2-blog 1.0.0 allows remote attackers to inject a malicious...
Critical · Unreviewed · CVE-2020-21179 was published May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They...
Critical · Unreviewed · CVE-2020-13858 was published May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in ...
Critical · Unreviewed · CVE-2020-13859 was published May 24, 2022
An issue was found in CMSWing project version 1.3.8. Because the log function does not check the...
Critical · Unreviewed · CVE-2020-20294 was published May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH...
Critical · Unreviewed · CVE-2020-15833 was published May 24, 2022
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices....
Critical · Unreviewed · CVE-2019-20468 was published May 24, 2022
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root...
Critical · Unreviewed · CVE-2020-15568 was published May 24, 2022
Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template.
Critical · Unreviewed · CVE-2021-3346 was published May 24, 2022
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for...
Critical · Unreviewed · CVE-2021-3336 was published May 24, 2022
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an...
Critical · Unreviewed · CVE-2020-35547 was published May 24, 2022
An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer...
Critical · Unreviewed · CVE-2020-29557 was published May 24, 2022
Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA...
Critical · Unreviewed · CVE-2021-3160 was published May 24, 2022
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions...
Critical · Unreviewed · CVE-2020-25783 was published May 24, 2022
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions...
Critical · Unreviewed · CVE-2020-25785 was published May 24, 2022
An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions...
Critical · Unreviewed · CVE-2020-25782 was published May 24, 2022
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary...
Critical · Unreviewed · CVE-2020-4682 was published May 24, 2022
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions...
Critical · Unreviewed · CVE-2020-25784 was published May 24, 2022
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation...
Critical · Unreviewed · CVE-2021-3325 was published May 24, 2022
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the...
Critical · Unreviewed · CVE-2021-25311 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.