GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
21,750 advisories
Buffer Over-read in audio driver while using malloc management function due to not returning NULL...
Critical | Unreviewed | CVE-2020-11136 was published May 24, 2022

Integer multiplication overflow resulting in lower buffer size allocation than expected causes...
Critical | Unreviewed | CVE-2020-11137 was published May 24, 2022

The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module...
Critical | Unreviewed | CVE-2021-3110 was published May 24, 2022

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core...
Critical | Unreviewed | CVE-2021-2108 was published May 24, 2022

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component:...
Critical | Unreviewed | CVE-2021-2100 was published May 24, 2022

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component:...
Critical | Unreviewed | CVE-2021-2101 was published May 24, 2022

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component:...
Critical | Unreviewed | CVE-2021-2075 was published May 24, 2022

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core...
Critical | Unreviewed | CVE-2021-2064 was published May 24, 2022

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core...
Critical | Unreviewed | CVE-2021-2047 was published May 24, 2022

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component:...
Critical | Unreviewed | CVE-2021-2029 was published May 24, 2022

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
Critical | Unreviewed | CVE-2021-1994 was published May 24, 2022

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
Critical | Unreviewed | CVE-2021-1300 was published May 24, 2022

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
Critical | Unreviewed | CVE-2021-1301 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software...
Critical | Unreviewed | CVE-2021-1225 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1142 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1140 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1138 was published May 24, 2022

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core...
Critical | Unreviewed | CVE-2020-14756 was published May 24, 2022

The default setting of MISP 2.4.136 did not enable the requirements (aka...
Critical | Unreviewed | CVE-2021-25323 was published May 24, 2022

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may...
Critical | Unreviewed | CVE-2021-3177 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to...
Critical | Unreviewed | CVE-2021-22850 was published May 24, 2022

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into...
Critical | Unreviewed | CVE-2021-22851 was published May 24, 2022

Mautic stored Cross-site Scripting (XSS)
Critical | CVE-2020-35128 was published for mautic/core (Composer) May 24, 2022

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote...
Critical | Unreviewed | CVE-2021-25294 was published May 24, 2022

Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4...
Critical | Unreviewed | CVE-2021-20618 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.