GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,657
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
23,088 advisories
AdaptiveScale LXDUI Hardcoded JWT Secret Key
Critical. CVE-2021-40494 was published for lxdui (pip) May 24, 2022

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of...
Critical. Unreviewed. CVE-2021-34746 was published May 24, 2022

Acrobat Reader DC versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier)...
Critical. Unreviewed. CVE-2021-28550 was published May 24, 2022

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in...
Critical. Unreviewed. CVE-2021-22704 was published May 24, 2022

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a...
Critical. Unreviewed. CVE-2020-18048 was published May 24, 2022

VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints...
Critical. Unreviewed. CVE-2021-22002 was published May 24, 2022

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that...
Critical. Unreviewed. CVE-2021-37415 was published May 24, 2022

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical. Unreviewed. CVE-2021-40353 was published May 24, 2022

bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the ...
Critical. Unreviewed. CVE-2020-20495 was published May 24, 2022

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the...
Critical. Unreviewed. CVE-2021-39378 was published May 24, 2022

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the...
Critical. Unreviewed. CVE-2021-39377 was published May 24, 2022

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the...
Critical. Unreviewed. CVE-2021-39379 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36022 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36024 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36025 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36033 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36028 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36029 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36040 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36042 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36035 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36034 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical. Unreviewed. CVE-2021-36041 was published May 24, 2022

webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any...
Critical. Unreviewed. CVE-2021-40350 was published May 24, 2022

A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows...
Critical. Unreviewed. CVE-2020-22848 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.