Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

915 advisories

Loading
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and... Critical Unreviewed
CVE-2020-20907 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote... Critical Unreviewed
CVE-2021-1468 was published May 24, 2022
Improper input validation of octal strings in Python stdlib ipaddress 3.10 and below allows... Critical Unreviewed
CVE-2021-29921 was published May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab... Critical Unreviewed
CVE-2021-22205 was published May 24, 2022
A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command... Critical Unreviewed
CVE-2020-7857 was published May 24, 2022
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary... Critical Unreviewed
CVE-2021-23279 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,... Critical Unreviewed
CVE-2021-1459 was published May 24, 2022
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x... Critical Unreviewed
CVE-2021-22991 was published May 24, 2022
In MaEPSBroker 2.5.0.31 and prior, a command injection vulnerability caused by improper input... Critical Unreviewed
CVE-2020-7839 was published May 24, 2022
In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to... Critical Unreviewed
CVE-2020-28870 was published May 24, 2022
Deleting users with certain names caused system files to be deleted. Risk is higher for systems... Critical Unreviewed
CVE-2020-28645 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2021-1301 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1142 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1138 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1140 was published May 24, 2022
git-big-picture Code Execution Critical
CVE-2021-3028 was published for git-big-picture (pip) May 24, 2022
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit... Critical Unreviewed
CVE-2020-9139 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in storeController.php. Critical Unreviewed
CVE-2016-9021 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in usersController.php. Critical Unreviewed
CVE-2016-9022 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php. Critical Unreviewed
CVE-2016-9023 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in fileController.php. Critical Unreviewed
CVE-2016-9026 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php. Critical Unreviewed
CVE-2016-9025 was published May 24, 2022
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An... Critical Unreviewed
CVE-2020-24679 was published May 24, 2022
Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo... Critical Unreviewed
CVE-2018-15632 was published May 24, 2022
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin... Critical Unreviewed
CVE-2020-28971 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database