GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,809 advisories

Filter by severity

Sort by

Least recently updated

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config... Critical Unreviewed

CVE-2021-44630 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code... Critical Unreviewed

CVE-2021-42786 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Critical Unreviewed

CVE-2021-42787 was published Mar 11, 2022

There is a permission control vulnerability in the Nearby module. Successful exploitation of this... Critical Unreviewed

CVE-2021-40053 was published Mar 11, 2022

UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511... Critical Unreviewed

CVE-2022-25621 was published Mar 12, 2022

There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this... Critical Unreviewed

CVE-2021-40050 was published Mar 11, 2022

Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function... Critical Unreviewed

CVE-2021-33293 was published Mar 11, 2022

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused... Critical Unreviewed

CVE-2020-14115 was published Mar 11, 2022

A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm... Critical Unreviewed

CVE-2021-44620 was published Mar 12, 2022

The following Yokogawa Electric products hard-code the password for CAMS server applications:... Critical Unreviewed

CVE-2022-23402 was published Mar 12, 2022

The Rambus SafeZone Basic Crypto Module, as used in certain Fujifilm (formerly Fuji Xerox)... Critical Unreviewed

CVE-2022-26320 was published Mar 15, 2022

The following Yokogawa Electric products do not change the passwords of the internal Windows... Critical Unreviewed

CVE-2022-21194 was published Mar 12, 2022

An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private... Critical Unreviewed

CVE-2021-45887 was published Mar 14, 2022

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed

CVE-2022-25494 was published Mar 16, 2022

The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the... Critical Unreviewed

CVE-2022-0169 was published Mar 15, 2022

The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location... Critical Unreviewed

CVE-2022-0658 was published Mar 15, 2022

Online Project Time Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed

CVE-2022-26293 was published Mar 17, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Critical Unreviewed

CVE-2022-25251 was published Mar 17, 2022

Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin... Critical Unreviewed

CVE-2022-25487 was published Mar 16, 2022

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in ... Critical Unreviewed

CVE-2022-25488 was published Mar 16, 2022

The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to... Critical Unreviewed

CVE-2022-25495 was published Mar 16, 2022

HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in... Critical Unreviewed

CVE-2022-25492 was published Mar 16, 2022

The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using... Critical Unreviewed

CVE-2021-25007 was published Mar 15, 2022

HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in... Critical Unreviewed

CVE-2022-25490 was published Mar 16, 2022

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory... Critical Unreviewed

CVE-2022-0982 was published Mar 17, 2022

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,809 advisories