GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,819

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,992 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed

CVE-2021-1548 was published May 24, 2022

Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code... Critical Unreviewed

CVE-2020-28901 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed

CVE-2021-1553 was published May 24, 2022

The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to... High Unreviewed

CVE-2020-12967 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker... Critical Unreviewed

CVE-2020-4979 was published May 24, 2022

The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30234 was published May 24, 2022

Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with... Critical Unreviewed

CVE-2021-25812 was published May 24, 2022

Command injection in Apache DolphinScheduler Alert Plugins Critical

CVE-2022-45462 was published for org.apache.dolphinscheduler:dolphinscheduler-alert-plugins (Maven) Nov 23, 2022

The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30228 was published May 24, 2022

The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30231 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2020-27862 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2020-27867 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2020-27864 was published May 24, 2022

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution... High Unreviewed

CVE-2021-0252 was published May 24, 2022

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0... High Unreviewed

CVE-2021-25172 was published May 24, 2022

SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers... High Unreviewed

CVE-2021-28242 was published May 24, 2022

A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an... High Unreviewed

CVE-2020-26670 was published May 24, 2022

In netdiag, there is a possible command injection due to improper input validation. This could... Moderate Unreviewed

CVE-2021-0358 was published May 24, 2022

In mobile_log_d, there is a possible command injection due to a missing bounds check. This could... Moderate Unreviewed

CVE-2021-0363 was published May 24, 2022

The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection... Critical Unreviewed

CVE-2020-18568 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed

CVE-2021-1555 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed

CVE-2021-1549 was published May 24, 2022

The text-to-speech engine in libretro RetroArch for Windows 0.11 passes unsanitized input to... High Unreviewed

CVE-2021-28927 was published May 24, 2022

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not... High Unreviewed

CVE-2021-26311 was published May 24, 2022

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... Critical Unreviewed

CVE-2020-24636 was published May 24, 2022

Previous 1…100…120 Next

Previous 1 2 … 98 99 100 101 102 … 119 120 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,992 advisories