Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

915 advisories

Loading
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the... Critical Unreviewed
CVE-2022-33752 was published Jun 17, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,... Critical Unreviewed
CVE-2022-20825 was published Jun 16, 2022
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30713 was published Jun 8, 2022
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30711 was published Jun 8, 2022
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30710 was published Jun 8, 2022
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30712 was published Jun 8, 2022
SQL injection and file upload attacks are possible due to insufficient validation of input values... Critical Unreviewed
CVE-2021-26634 was published Jun 3, 2022
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first... Critical Unreviewed
CVE-2022-25163 was published Jun 3, 2022
A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert... Critical Unreviewed
CVE-2020-28221 was published May 24, 2022
WriteRegistry function in TSSServiSign component does not filter and verify users’ input, remote... Critical Unreviewed
CVE-2021-37909 was published May 24, 2022
Pebble Templates Improper Input Validation vulnerability Critical
CVE-2019-19899 was published for io.pebbletemplates:pebble-project (Maven) May 24, 2022
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent... Critical Unreviewed
CVE-2021-43267 was published May 24, 2022
An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker... Critical Unreviewed
CVE-2021-26607 was published May 24, 2022
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource... Critical Unreviewed
CVE-2020-18683 was published May 24, 2022
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource... Critical Unreviewed
CVE-2020-18685 was published May 24, 2022
The network address administrative settings web portal for the Zoom on-premise Meeting Connector... Critical Unreviewed
CVE-2021-34416 was published May 24, 2022
A command injection vulnerability in the web server of some Hikvision product. Due to the... Critical Unreviewed
CVE-2021-36260 was published May 24, 2022
An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021... Critical Unreviewed
CVE-2021-25449 was published May 24, 2022
A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary... Critical Unreviewed
CVE-2020-24672 was published May 24, 2022
A vulnerability (improper input validation) in the DEXT5 Upload solution allows an... Critical Unreviewed
CVE-2020-7832 was published May 24, 2022
A vulnerability(improper input validation) in the ExECM CoreB2B solution allows an... Critical Unreviewed
CVE-2020-7865 was published May 24, 2022
Magento is affected by an improper input validation vulnerability while saving a customer's details Critical
CVE-2021-36025 was published for magento/community-edition (Composer) May 24, 2022
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are... Critical Unreviewed
CVE-2021-36035 was published May 24, 2022
Magento executes code via the API File Option Upload Extension Critical
CVE-2021-36042 was published for magento/community-edition (Composer) May 24, 2022
Magento has a file extension restrictions bypass Critical
CVE-2021-36040 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database