Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,809 advisories

Loading
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to... Critical Unreviewed
CVE-2021-22850 was published May 24, 2022
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into... Critical Unreviewed
CVE-2021-22851 was published May 24, 2022
The default setting of MISP 2.4.136 did not enable the requirements (aka... Critical Unreviewed
CVE-2021-25323 was published May 24, 2022
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may... Critical Unreviewed
CVE-2021-3177 was published May 24, 2022
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core... Critical Unreviewed
CVE-2020-14756 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1138 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1140 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1142 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software... Critical Unreviewed
CVE-2021-1225 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2021-1300 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2021-1301 was published May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web... Critical Unreviewed
CVE-2021-1994 was published May 24, 2022
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component:... Critical Unreviewed
CVE-2021-2029 was published May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core... Critical Unreviewed
CVE-2021-2047 was published May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core... Critical Unreviewed
CVE-2021-2064 was published May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component:... Critical Unreviewed
CVE-2021-2075 was published May 24, 2022
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component:... Critical Unreviewed
CVE-2021-2101 was published May 24, 2022
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component:... Critical Unreviewed
CVE-2021-2100 was published May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core... Critical Unreviewed
CVE-2021-2108 was published May 24, 2022
The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module... Critical Unreviewed
CVE-2021-3110 was published May 24, 2022
Uninitialized pointers accessed during music play back with incorrect bit stream due to an... Critical Unreviewed
CVE-2020-11138 was published May 24, 2022
Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check... Critical Unreviewed
CVE-2020-11144 was published May 24, 2022
Buffer Over-read in audio driver while using malloc management function due to not returning NULL... Critical Unreviewed
CVE-2020-11136 was published May 24, 2022
Integer multiplication overflow resulting in lower buffer size allocation than expected causes... Critical Unreviewed
CVE-2020-11137 was published May 24, 2022
Out of bound memory access during music playback with modified content due to copying data... Critical Unreviewed
CVE-2020-11143 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API