GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,726
Composer 4,023
Erlang 29
GitHub Actions 16
Go 1,830
Maven 5,045
npm 3,573
NuGet 632
pip 3,156
Pub 10
RubyGems 847
Rust 796
Swift 34

Unreviewed advisories

All unreviewed 224,712

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

22,389 advisories

Filter by severity

Sort by

Least recently updated

In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution. Critical Unreviewed

CVE-2017-17976 was published May 14, 2022

SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php. Critical Unreviewed

CVE-2018-5988 was published May 14, 2022

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-coded credentials. A remote... Critical Unreviewed

CVE-2017-1204 was published May 14, 2022

SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=... Critical Unreviewed

CVE-2018-5977 was published May 14, 2022

SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field. Critical Unreviewed

CVE-2018-5978 was published May 14, 2022

Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute... Critical Unreviewed

CVE-2017-18047 was published May 14, 2022

SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login... Critical Unreviewed

CVE-2018-5985 was published May 14, 2022

SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the... Critical Unreviewed

CVE-2018-5984 was published May 14, 2022

SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat... Critical Unreviewed

CVE-2018-5972 was published May 14, 2022

SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or ... Critical Unreviewed

CVE-2018-6365 was published May 14, 2022

An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted... Critical Unreviewed

CVE-2018-5997 was published May 14, 2022

Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track... Critical Unreviewed

CVE-2018-6308 was published May 14, 2022

SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php... Critical Unreviewed

CVE-2018-5973 was published May 14, 2022

A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14,... Critical Unreviewed

CVE-2017-13696 was published May 14, 2022

In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege... Critical Unreviewed

CVE-2018-6476 was published May 14, 2022

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to... Critical Unreviewed

CVE-2017-17999 was published May 14, 2022

An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL... Critical Unreviewed

CVE-2018-5778 was published May 14, 2022

Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data... Critical Unreviewed

CVE-2018-5704 was published May 14, 2022

SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug... Critical Unreviewed

CVE-2018-6576 was published May 14, 2022

SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list... Critical Unreviewed

CVE-2018-6364 was published May 14, 2022

Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified... Critical Unreviewed

CVE-2018-0506 was published May 14, 2022

SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 via the /chat_im... Critical Unreviewed

CVE-2018-6367 was published May 14, 2022

SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter... Critical Unreviewed

CVE-2018-6578 was published May 14, 2022

A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4... Critical Unreviewed

CVE-2018-6537 was published May 14, 2022

SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products... Critical Unreviewed

CVE-2018-6579 was published May 14, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,389 advisories