GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,331
Erlang: 31
GitHub Actions: 21
Go: 2,093
Maven: 5,000+
npm: 3,756
NuGet: 678
pip: 3,443
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,203 advisories
A memory corruption issue was addressed with improved validation. This issue is fixed in Security...
Critical, Unreviewed. CVE-2021-1882 was published May 24, 2022

An application may be able to execute arbitrary code with system privileges. This issue is fixed...
Critical, Unreviewed. CVE-2021-30655 was published May 24, 2022

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur...
Critical, Unreviewed. CVE-2021-30678 was published May 24, 2022

Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is...
Critical, Unreviewed. CVE-2021-30690 was published May 24, 2022

A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary...
Critical, Unreviewed. CVE-2020-24672 was published May 24, 2022

Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote...
Critical, Unreviewed. CVE-2020-19138 was published May 24, 2022

Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execute arbitrary code via the ...
Critical, Unreviewed. CVE-2020-26772 was published May 24, 2022

ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a...
Critical, Unreviewed. CVE-2021-40540 was published May 24, 2022

SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the...
Critical, Unreviewed. CVE-2021-38840 was published May 24, 2022

A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways;...
Critical, Unreviewed. CVE-2021-37716 was published May 24, 2022

A vulnerability (improper input validation) in the DEXT5 Upload solution allows an...
Critical, Unreviewed. CVE-2020-7832 was published May 24, 2022

A vulnerability (improper input validation) in the ExECM CoreB2B solution allows an...
Critical, Unreviewed. CVE-2020-7865 was published May 24, 2022

An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap...
Critical, Unreviewed. CVE-2020-19751 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API...
Critical, Unreviewed. CVE-2021-40539 was published May 24, 2022

eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger...
Critical, Unreviewed. CVE-2021-39497 was published May 24, 2022

A receiver of a federated share with access to the database with ownCloud version before 10.8...
Critical, Unreviewed. CVE-2021-35946 was published May 24, 2022

Sketch before 75 mishandles external library feeds.
Critical, Unreviewed. CVE-2021-40531 was published May 24, 2022

Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.
Critical, Unreviewed. CVE-2021-40532 was published May 24, 2022

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of...
Critical, Unreviewed. CVE-2021-34746 was published May 24, 2022

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in...
Critical, Unreviewed. CVE-2021-22704 was published May 24, 2022

Acrobat Reader DC versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier)...
Critical, Unreviewed. CVE-2021-28550 was published May 24, 2022

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a...
Critical, Unreviewed. CVE-2020-18048 was published May 24, 2022

VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints...
Critical, Unreviewed. CVE-2021-22002 was published May 24, 2022

bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the ...
Critical, Unreviewed. CVE-2020-20495 was published May 24, 2022

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical, Unreviewed. CVE-2021-40353 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.