GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,657
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
249,573 advisories

Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows...
High | Unreviewed | CVE-2016-1429 was published May 17, 2022

An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via...
Moderate | Unreviewed | CVE-2021-42087 was published May 24, 2022

Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all...
Moderate | Unreviewed | CVE-2021-20600 was published May 24, 2022

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
Critical | Unreviewed | CVE-2021-42109 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows...
Moderate | Unreviewed | CVE-2021-38179 was published May 24, 2022

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is...
High | Unreviewed | CVE-2021-41801 was published May 24, 2022

A security flaw in the 'owned' function of a smart contract implementation for BTC2X (B2X), a...
High | Unreviewed | CVE-2021-34273 was published May 24, 2022

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller...
Critical | Unreviewed | CVE-2020-21651 was published May 24, 2022

IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and...
High | Unreviewed | CVE-2021-29873 was published May 24, 2022

Improper access control in trusted application environment can cause unauthorized access to CDSP...
High | Unreviewed | CVE-2021-1932 was published May 24, 2022

A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited,...
High | Unreviewed | CVE-2021-22928 was published May 24, 2022

In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible...
Critical | Unreviewed | CVE-2021-36706 was published May 24, 2022

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact...
Critical | Unreviewed | CVE-2020-25928 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by...
Moderate | Unreviewed | CVE-2020-4706 was published May 24, 2022

Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44,...
High | Unreviewed | CVE-2021-38539 was published May 24, 2022

The function that is used to parse the Authentication header in Brocade Fabric OS Web application...
Moderate | Unreviewed | CVE-2021-27791 was published May 24, 2022

Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges...
High | Unreviewed | CVE-2020-18875 was published May 24, 2022

In memory management driver, there is a possible system crash due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2021-0420 was published May 24, 2022

Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote...
Moderate | Unreviewed | CVE-2008-6500 was published May 17, 2022

Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite...
Moderate | Unreviewed | CVE-2008-6671 was published May 17, 2022

Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to...
Moderate | Unreviewed | CVE-2008-6470 was published May 17, 2022

SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3...
High | Unreviewed | CVE-2008-6462 was published May 17, 2022

SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows...
High | Unreviewed | CVE-2008-6686 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier...
Moderate | Unreviewed | CVE-2008-6687 was published May 17, 2022

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash)...
Moderate | Unreviewed | CVE-2008-6680 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.