GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
301,794 advisories
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests...
High severity, Unreviewed. CVE-2022-31983 was published Jun 3, 2022.
Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/table_edit_ajax.php.
Critical severity, Unreviewed. CVE-2022-31340 was published Jun 3, 2022.
A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some...
Critical severity, Unreviewed. CVE-2017-20029 was published Jun 11, 2022.
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index...
Critical severity, Unreviewed. CVE-2022-31337 was published Jun 3, 2022.
GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php...
Moderate severity, Unreviewed. CVE-2021-44266 was published Jun 12, 2022.
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very...
Critical severity, Unreviewed. CVE-2017-20039 was published Jun 12, 2022.
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic....
Moderate severity, Unreviewed. CVE-2018-25036 was published Jun 13, 2022.
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection...
High severity, Unreviewed. CVE-2020-23050 was published May 24, 2022.
There is a vulnerability of tampering with the kernel in Huawei Smartphone. Successful...
Critical severity, Unreviewed. CVE-2021-36986 was published May 24, 2022.
An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to...
Moderate severity, Unreviewed. CVE-2020-23058 was published May 24, 2022.
Insufficient input validation in PSP firmware for discrete TPM commands could allow a potential...
High severity, Unreviewed. CVE-2020-12946 was published May 24, 2022.
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by...
High severity, Unreviewed. CVE-2021-22146 was published May 24, 2022.
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06...
Critical severity, Unreviewed. CVE-2020-22079 was published May 24, 2022.
Improper access control in the software installer for the Intel(R) NUC HDMI Firmware Update Tool...
High severity, Unreviewed. CVE-2021-33089 was published May 24, 2022.
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges...
High severity, Unreviewed. CVE-2021-29774 was published May 24, 2022.
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that...
Moderate severity, Unreviewed. CVE-2021-35551 was published May 24, 2022.
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,...
High severity, Unreviewed. CVE-2021-21822 was published May 24, 2022.
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey...
Moderate severity, Unreviewed. CVE-2022-26731 was published May 27, 2022.
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0,...
Low severity, Unreviewed. CVE-2021-32600 was published May 24, 2022.
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain...
Moderate severity, Unreviewed. CVE-2021-38978 was published May 24, 2022.
Improper access control in the firmware for the Intel(R) Ethernet Network Controller E810 before...
Moderate severity, Unreviewed. CVE-2021-0198 was published May 24, 2022.
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the...
Critical severity, Unreviewed. CVE-2020-25566 was published May 24, 2022.
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic...
Moderate severity, Unreviewed. CVE-2022-30783 was published May 27, 2022.
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive...
Moderate severity, Unreviewed. CVE-2020-4146 was published May 24, 2022.
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration"...
Critical severity, Unreviewed. CVE-2021-21502 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.