GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,438
Composer 4,411
Erlang 33
GitHub Actions 22
Go 2,146
Maven 5,316
npm 3,808
NuGet 687
pip 3,481
Pub 12
RubyGems 897
Rust 899
Swift 38

Unreviewed advisories

All unreviewed 246,100

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

680 advisories

Filter by severity

Sort by

Least recently updated

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code... Critical Unreviewed

CVE-2021-42786 was published Mar 11, 2022

CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2022-25498 was published Mar 16, 2022

In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote... Critical Unreviewed

CVE-2022-27228 was published Mar 23, 2022

In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the... Critical Unreviewed

CVE-2022-25757 was published Mar 29, 2022

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute... Critical Unreviewed

CVE-2021-39065 was published Dec 14, 2021

Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to... Critical Unreviewed

CVE-2011-4124 was published Apr 22, 2022

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on... Critical Unreviewed

CVE-2018-4018 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed

CVE-2021-1142 was published May 24, 2022

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of... Critical Unreviewed

CVE-2021-22345 was published May 24, 2022

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first... Critical Unreviewed

CVE-2022-25163 was published Jun 3, 2022

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... Critical Unreviewed

CVE-2021-1301 was published May 24, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote... Critical Unreviewed

CVE-2021-1468 was published May 24, 2022

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed

CVE-2022-30712 was published Jun 8, 2022

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper... Critical Unreviewed

CVE-2021-37417 was published May 24, 2022

Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows... Critical Unreviewed

CVE-2015-1555 was published May 17, 2022

Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed

CVE-2022-30710 was published Jun 8, 2022

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed

CVE-2022-30711 was published Jun 8, 2022

Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed

CVE-2022-30713 was published Jun 8, 2022

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,... Critical Unreviewed

CVE-2021-1459 was published May 24, 2022

A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary... Critical Unreviewed

CVE-2020-24672 was published May 24, 2022

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux... Critical Unreviewed

CVE-2017-9811 was published May 17, 2022

Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of... Critical Unreviewed

CVE-2017-11673 was published May 17, 2022

PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution... Critical Unreviewed

CVE-2017-11495 was published May 17, 2022

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote... Critical Unreviewed

CVE-2017-11393 was published May 17, 2022

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute... Critical Unreviewed

CVE-2017-11346 was published May 17, 2022

Previous 1 2 3 4 5 … 27 28 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

680 advisories