Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

21,734 advisories

Loading
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1138 was published May 24, 2022
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core... Critical Unreviewed
CVE-2020-14756 was published May 24, 2022
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may... Critical Unreviewed
CVE-2021-3177 was published May 24, 2022
The default setting of MISP 2.4.136 did not enable the requirements (aka... Critical Unreviewed
CVE-2021-25323 was published May 24, 2022
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to... Critical Unreviewed
CVE-2021-22850 was published May 24, 2022
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into... Critical Unreviewed
CVE-2021-22851 was published May 24, 2022
Mautic stored Cross-site Scripting (XSS) Critical
CVE-2020-35128 was published for mautic/core (Composer) May 24, 2022
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote... Critical Unreviewed
CVE-2021-25294 was published May 24, 2022
Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4... Critical Unreviewed
CVE-2021-20618 was published May 24, 2022
Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1... Critical Unreviewed
CVE-2021-20617 was published May 24, 2022
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS... Critical Unreviewed
CVE-2021-0211 was published May 24, 2022
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in... Critical Unreviewed
CVE-2020-29493 was published May 24, 2022
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability... Critical Unreviewed
CVE-2020-29495 was published May 24, 2022
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6... Critical Unreviewed
CVE-2020-29016 was published May 24, 2022
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial... Critical Unreviewed
CVE-2020-27265 was published May 24, 2022
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial... Critical Unreviewed
CVE-2020-27263 was published May 24, 2022
A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6... Critical Unreviewed
CVE-2020-29015 was published May 24, 2022
KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial... Critical Unreviewed
CVE-2020-27267 was published May 24, 2022
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command... Critical Unreviewed
CVE-2020-24639 was published May 24, 2022
There is a vulnerability caused by insufficient input validation that allows for arbitrary... Critical Unreviewed
CVE-2020-24640 was published May 24, 2022
Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote... Critical Unreviewed
CVE-2020-16045 was published May 24, 2022
git-big-picture Code Execution Critical
CVE-2021-3028 was published for git-big-picture (pip) May 24, 2022
There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this... Critical Unreviewed
CVE-2020-9144 was published May 24, 2022
Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen),... Critical Unreviewed
CVE-2020-5633 was published May 24, 2022
There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone... Critical Unreviewed
CVE-2020-9140 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API