Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

249,573 advisories

Loading
Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows... High Unreviewed
CVE-2016-1429 was published May 17, 2022
An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via... Moderate Unreviewed
CVE-2021-42087 was published May 24, 2022
Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all... Moderate Unreviewed
CVE-2021-20600 was published May 24, 2022
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root. Critical Unreviewed
CVE-2021-42109 was published May 24, 2022
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed
CVE-2021-38179 was published May 24, 2022
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is... High Unreviewed
CVE-2021-41801 was published May 24, 2022
A security flaw in the 'owned' function of a smart contract implementation for BTC2X (B2X), a... High Unreviewed
CVE-2021-34273 was published May 24, 2022
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller... Critical Unreviewed
CVE-2020-21651 was published May 24, 2022
IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and... High Unreviewed
CVE-2021-29873 was published May 24, 2022
Improper access control in trusted application environment can cause unauthorized access to CDSP... High Unreviewed
CVE-2021-1932 was published May 24, 2022
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited,... High Unreviewed
CVE-2021-22928 was published May 24, 2022
In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible... Critical Unreviewed
CVE-2021-36706 was published May 24, 2022
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact... Critical Unreviewed
CVE-2020-25928 was published May 24, 2022
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by... Moderate Unreviewed
CVE-2020-4706 was published May 24, 2022
Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44,... High Unreviewed
CVE-2021-38539 was published May 24, 2022
The function that is used to parse the Authentication header in Brocade Fabric OS Web application... Moderate Unreviewed
CVE-2021-27791 was published May 24, 2022
Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges... High Unreviewed
CVE-2020-18875 was published May 24, 2022
In memory management driver, there is a possible system crash due to a missing bounds check. This... Moderate Unreviewed
CVE-2021-0420 was published May 24, 2022
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote... Moderate Unreviewed
CVE-2008-6500 was published May 17, 2022
Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite... Moderate Unreviewed
CVE-2008-6671 was published May 17, 2022
Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to... Moderate Unreviewed
CVE-2008-6470 was published May 17, 2022
SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3... High Unreviewed
CVE-2008-6462 was published May 17, 2022
SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows... High Unreviewed
CVE-2008-6686 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier... Moderate Unreviewed
CVE-2008-6687 was published May 17, 2022
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash)... Moderate Unreviewed
CVE-2008-6680 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database