GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
674 advisories
Filter by severity
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code...
Critical
Unreviewed
CVE-2021-42786
was published
Mar 11, 2022
CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2022-25498
was published
Mar 16, 2022
In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote...
Critical
Unreviewed
CVE-2022-27228
was published
Mar 23, 2022
In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the...
Critical
Unreviewed
CVE-2022-25757
was published
Mar 29, 2022
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute...
Critical
Unreviewed
CVE-2021-39065
was published
Dec 14, 2021
Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to...
Critical
Unreviewed
CVE-2011-4124
was published
Apr 22, 2022
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent...
Critical
Unreviewed
CVE-2017-8923
was published
May 14, 2022
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on...
Critical
Unreviewed
CVE-2018-4018
was published
May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical
Unreviewed
CVE-2021-1142
was published
May 24, 2022
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of...
Critical
Unreviewed
CVE-2021-22345
was published
May 24, 2022
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first...
Critical
Unreviewed
CVE-2022-25163
was published
Jun 3, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
Critical
Unreviewed
CVE-2021-1301
was published
May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab...
Critical
Unreviewed
CVE-2021-22205
was published
May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
Critical
Unreviewed
CVE-2021-1468
was published
May 24, 2022
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers...
Critical
Unreviewed
CVE-2022-30712
was published
Jun 8, 2022
Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper...
Critical
Unreviewed
CVE-2021-37417
was published
May 24, 2022
Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows...
Critical
Unreviewed
CVE-2015-1555
was published
May 17, 2022
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers...
Critical
Unreviewed
CVE-2022-30713
was published
Jun 8, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,...
Critical
Unreviewed
CVE-2021-1459
was published
May 24, 2022
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers...
Critical
Unreviewed
CVE-2022-30711
was published
Jun 8, 2022
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers...
Critical
Unreviewed
CVE-2022-30710
was published
Jun 8, 2022
A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary...
Critical
Unreviewed
CVE-2020-24672
was published
May 24, 2022
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux...
Critical
Unreviewed
CVE-2017-9811
was published
May 17, 2022
Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of...
Critical
Unreviewed
CVE-2017-11673
was published
May 17, 2022
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution...
Critical
Unreviewed
CVE-2017-11495
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API