GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,995

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

23,060 advisories

Filter by severity

Sort by

Least recently updated

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with... Critical Unreviewed

CVE-2021-34565 was published May 24, 2022

This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to... Critical Unreviewed

CVE-2021-35222 was published May 24, 2022

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor... Critical Unreviewed

CVE-2021-22943 was published May 24, 2022

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL... Critical Unreviewed

CVE-2021-37749 was published May 24, 2022

Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart... Critical Unreviewed

CVE-2020-15744 was published May 24, 2022

A conference management system of ZTE is impacted by a command execution vulnerability. Since the... Critical Unreviewed

CVE-2021-21741 was published May 24, 2022

A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a... Critical Unreviewed

CVE-2021-27663 was published May 24, 2022

Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may... Critical Unreviewed

CVE-2021-32955 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/Handler_CFG.ashx endpoint of Delta... Critical Unreviewed

CVE-2021-32983 was published May 24, 2022

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new... Critical Unreviewed

CVE-2021-32967 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in... Critical Unreviewed

CVE-2021-33055 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerEnergyType.ashx endpoint of... Critical Unreviewed

CVE-2021-38390 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of... Critical Unreviewed

CVE-2021-38391 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of... Critical Unreviewed

CVE-2021-38393 was published May 24, 2022

An issue was discovered in EdgeGallery/developer before v1.0. There is a "Deserialization of yaml... Critical Unreviewed

CVE-2021-34066 was published May 24, 2022

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed

CVE-2021-34646 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access... Critical Unreviewed

CVE-2021-37421 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper... Critical Unreviewed

CVE-2021-37417 was published May 24, 2022

Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote... Critical Unreviewed

CVE-2021-40175 was published May 24, 2022

Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/. Critical Unreviewed

CVE-2020-20675 was published May 24, 2022

Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite. Critical Unreviewed

CVE-2021-40177 was published May 24, 2022

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry... Critical Unreviewed

CVE-2021-40153 was published May 24, 2022

The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform... Critical Unreviewed

CVE-2020-18106 was published May 24, 2022

An arbitrary file upload vulnerability in the /uploads/dede component of DedeCMS V5.7SP2 allows... Critical Unreviewed

CVE-2020-18114 was published May 24, 2022

A security issue in Umbraco Forms 4.0.0 to and including 8.7.5 could lead to a remote code... Critical Unreviewed

CVE-2021-37334 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,060 advisories