GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,772

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

27,769 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0. Critical Unreviewed

CVE-2023-2564 was published May 7, 2023

Django bypasses validation when using one form field to upload multiple files Critical

CVE-2023-31047 was published for Django (pip) May 7, 2023

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion... Critical Unreviewed

CVE-2023-30013 was published May 5, 2023

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection. Critical Unreviewed

CVE-2023-30053 was published May 5, 2023

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can... Critical Unreviewed

CVE-2023-30054 was published May 5, 2023

NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin... Critical Unreviewed

CVE-2023-30242 was published May 5, 2023

An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of... Critical Unreviewed

CVE-2023-30122 was published May 5, 2023

Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via... Critical Unreviewed

CVE-2023-30135 was published May 5, 2023

Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the... Critical Unreviewed

CVE-2023-30090 was published May 5, 2023

AzuraCast missing brute force prevention Critical

CVE-2023-2531 was published for azuracast/azuracast (Composer) May 5, 2023

Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior... Critical Unreviewed

CVE-2023-21503 was published May 4, 2023

An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows attackers... Critical Unreviewed

CVE-2023-30328 was published May 4, 2023

Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR... Critical Unreviewed

CVE-2023-21504 was published May 4, 2023

Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband... Critical Unreviewed

CVE-2023-21494 was published May 4, 2023

CLTPHP <=6.0 is vulnerable to Improper Input Validation. Critical Unreviewed

CVE-2023-30268 was published May 4, 2023

An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which... Critical Unreviewed

CVE-2023-23059 was published May 4, 2023

CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application... Critical Unreviewed

CVE-2023-30264 was published May 4, 2023

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could... Critical Unreviewed

CVE-2023-20126 was published May 4, 2023

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-30203 was published May 4, 2023

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable,... Critical Unreviewed

CVE-2023-29827 was published May 4, 2023

Server-side template injection in beetl Critical

CVE-2023-30331 was published for com.ibeetl:beetl (Maven) May 4, 2023

Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via ... Critical Unreviewed

CVE-2023-30077 was published May 4, 2023

An improper neutralization of input during web page generation ('Cross-site Scripting')... Critical Unreviewed

CVE-2023-22637 was published May 4, 2023

Command injection in OpenTSDB Critical

CVE-2023-25826 was published for net.opentsdb:opentsdb (Maven) May 3, 2023

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-30204 was published May 3, 2023

Previous 1…396…400 Next

Previous 1 2 … 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

27,769 advisories