GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
21,737 advisories
An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users'...
Critical | Unreviewed | CVE-2019-9880 was published May 24, 2022

An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. There is Command Injection...
Critical | Unreviewed | CVE-2017-18377 was published May 24, 2022

On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell...
Critical | Unreviewed | CVE-2016-10760 was published May 24, 2022

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2018-11800 was published May 24, 2022

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2018-11801 was published May 24, 2022

HooToo TripMate Titan HT-TM05 and HT-05 routers with firmware 2.000.022 and 2.000.082 allow...
Critical | Unreviewed | CVE-2018-20841 was published May 24, 2022

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir']...
Critical | Unreviewed | CVE-2017-18378 was published May 24, 2022

XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to...
Critical | Unreviewed | CVE-2019-12154 was published May 24, 2022

A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server...
Critical | Unreviewed | CVE-2019-12146 was published May 24, 2022

Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF,...
Critical | Unreviewed | CVE-2019-12153 was published May 24, 2022

An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1....
Critical | Unreviewed | CVE-2019-12144 was published May 24, 2022

All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution...
Critical | Unreviewed | CVE-2019-3412 was published May 24, 2022

An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable...
Critical | Unreviewed | CVE-2019-12765 was published May 24, 2022

silverstripe restfulserver and registry modules SQL injection vulnerability
Critical | CVE-2019-12149 was published for silverstripe/registry (Composer) May 24, 2022

FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT,...
Critical | Unreviewed | CVE-2019-0304 was published May 24, 2022

It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would...
Critical | Unreviewed | CVE-2019-3873 was published May 24, 2022

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
Critical | Unreviewed | CVE-2019-6580 was published May 24, 2022

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a...
Critical | Unreviewed | CVE-2019-7838 was published May 24, 2022

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a...
Critical | Unreviewed | CVE-2019-7840 was published May 24, 2022

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a...
Critical | Unreviewed | CVE-2019-7839 was published May 24, 2022

Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may...
Critical | Unreviewed | CVE-2019-11119 was published May 24, 2022

BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0...
Critical | Unreviewed | CVE-2019-10959 was published May 24, 2022

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular...
Critical | Unreviewed | CVE-2019-12798 was published May 24, 2022

Lack of check on length of reason-code fetched from payload may lead driver access the memory not...
Critical | Unreviewed | CVE-2018-11955 was published May 24, 2022

Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in...
Critical | Unreviewed | CVE-2018-13911 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.