GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,967
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,076
Pub: 10
RubyGems: 832
Rust: 781
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
21,734 advisories
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1138 was published May 24, 2022

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core...
Critical | Unreviewed | CVE-2020-14756 was published May 24, 2022

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may...
Critical | Unreviewed | CVE-2021-3177 was published May 24, 2022

The default setting of MISP 2.4.136 did not enable the requirements (aka...
Critical | Unreviewed | CVE-2021-25323 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to...
Critical | Unreviewed | CVE-2021-22850 was published May 24, 2022

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into...
Critical | Unreviewed | CVE-2021-22851 was published May 24, 2022

Mautic stored Cross-site Scripting (XSS)
Critical | CVE-2020-35128 was published for mautic/core (Composer) May 24, 2022

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote...
Critical | Unreviewed | CVE-2021-25294 was published May 24, 2022

Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4...
Critical | Unreviewed | CVE-2021-20618 was published May 24, 2022

Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1...
Critical | Unreviewed | CVE-2021-20617 was published May 24, 2022

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS...
Critical | Unreviewed | CVE-2021-0211 was published May 24, 2022

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in...
Critical | Unreviewed | CVE-2020-29493 was published May 24, 2022

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability...
Critical | Unreviewed | CVE-2020-29495 was published May 24, 2022

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6...
Critical | Unreviewed | CVE-2020-29016 was published May 24, 2022

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial...
Critical | Unreviewed | CVE-2020-27265 was published May 24, 2022

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial...
Critical | Unreviewed | CVE-2020-27263 was published May 24, 2022

A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6...
Critical | Unreviewed | CVE-2020-29015 was published May 24, 2022

KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial...
Critical | Unreviewed | CVE-2020-27267 was published May 24, 2022

There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command...
Critical | Unreviewed | CVE-2020-24639 was published May 24, 2022

There is a vulnerability caused by insufficient input validation that allows for arbitrary...
Critical | Unreviewed | CVE-2020-24640 was published May 24, 2022

Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote...
Critical | Unreviewed | CVE-2020-16045 was published May 24, 2022

git-big-picture Code Execution
Critical | CVE-2021-3028 was published for git-big-picture (pip) May 24, 2022

There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this...
Critical | Unreviewed | CVE-2020-9144 was published May 24, 2022

Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen),...
Critical | Unreviewed | CVE-2020-5633 was published May 24, 2022

There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone...
Critical | Unreviewed | CVE-2020-9140 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.