GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18,799 advisories
Filter by severity
The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection.
Critical
Unreviewed
CVE-2018-21004
was published
May 24, 2022
The wp-polls plugin before 2.72 for WordPress has SQL injection.
Critical
Unreviewed
CVE-2015-9352
was published
May 24, 2022
The link-log plugin before 2.1 for WordPress has SQL injection.
Critical
Unreviewed
CVE-2015-9344
was published
May 24, 2022
The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the...
Critical
Unreviewed
CVE-2015-9351
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write...
Critical
Unreviewed
CVE-2019-7997
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write...
Critical
Unreviewed
CVE-2019-7998
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write...
Critical
Unreviewed
CVE-2019-8001
was published
May 24, 2022
Buffer Overflow in dacterea in Delta Controls enteliBUS Manager V3.40_B-571848 allows remote...
Critical
Unreviewed
CVE-2019-9569
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow...
Critical
Unreviewed
CVE-2019-7993
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow...
Critical
Unreviewed
CVE-2019-7990
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write...
Critical
Unreviewed
CVE-2019-7992
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7972
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7974
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7969
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7971
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7970
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7975
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion...
Critical
Unreviewed
CVE-2019-7973
was published
May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection...
Critical
Unreviewed
CVE-2019-7968
was published
May 24, 2022
Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php.
Critical
Unreviewed
CVE-2019-15573
was published
May 24, 2022
The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php.
Critical
Unreviewed
CVE-2019-15571
was published
May 24, 2022
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC...
Critical
Unreviewed
CVE-2019-4169
was published
May 24, 2022
idseq-web before 2019-07-01 in Infectious Disease Sequencing Platform IDseq allows SQL injection...
Critical
Unreviewed
CVE-2019-15568
was published
May 24, 2022
OpenForis Arena before 2019-05-07 allows SQL injection in the sorting feature.
Critical
Unreviewed
CVE-2019-15567
was published
May 24, 2022
The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection in models...
Critical
Unreviewed
CVE-2019-15564
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API