Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11,577 advisories

Loading
Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-23397 was published Mar 14, 2023
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the... High Unreviewed
CVE-2023-22952 was published Jan 11, 2023
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code... Critical Unreviewed
CVE-2022-29499 was published Apr 27, 2022
A command injection vulnerability in the web server of some Hikvision product. Due to the... Critical Unreviewed
CVE-2021-36260 was published May 24, 2022
Assuming radio permission is gained, missing input validation in modem interface driver prior to... Moderate Unreviewed
CVE-2021-25489 was published May 24, 2022
Memory corruption due to improper check to return error when user application requests memory... High Unreviewed
CVE-2020-11261 was published May 24, 2022
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur... High Unreviewed
CVE-2021-30713 was published May 24, 2022
Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This... Critical Unreviewed
CVE-2025-8876 was published Aug 14, 2025
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x... Critical Unreviewed
CVE-2021-22991 was published May 24, 2022
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary... Critical Unreviewed
CVE-2018-19949 was published May 24, 2022
Microsoft Defender Remote Code Execution Vulnerability High Unreviewed
CVE-2021-1647 was published May 24, 2022
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows... High Unreviewed
CVE-2024-4040 was published Apr 22, 2024
Microsoft Outlook Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-21413 was published Feb 13, 2024
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18... Moderate Unreviewed
CVE-2020-8195 was published May 24, 2022
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to... High Unreviewed
CVE-2020-1040 was published May 24, 2022
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. High Unreviewed
CVE-2020-8644 was published May 24, 2022
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect... High Unreviewed
CVE-2020-0041 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it... Moderate Unreviewed
CVE-2020-0618 was published May 24, 2022
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3... High Unreviewed
CVE-2020-0796 was published May 24, 2022
This improper input validation vulnerability allows remote attackers to inject arbitrary code to... High Unreviewed
CVE-2019-7193 was published May 24, 2022
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate... High Unreviewed
CVE-2020-0646 was published May 24, 2022
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS... High Unreviewed
CVE-2023-41061 was published Sep 7, 2023
Microsoft Word Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-36761 was published Sep 12, 2023
A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023... Moderate Unreviewed
CVE-2023-41266 was published Aug 30, 2023
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient... Critical Unreviewed
CVE-2019-10149 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database