GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,571

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

124 advisories

Filter by severity

Sort by

Least recently updated

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37040 was published Dec 9, 2021

An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the -... Critical Unreviewed

CVE-2021-44042 was published Dec 15, 2021

Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could... Critical Unreviewed

CVE-2021-45092 was published Dec 17, 2021

RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely Critical Unreviewed

CVE-2021-43439 was published Dec 21, 2021

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted... Critical Unreviewed

CVE-2020-20601 was published Dec 24, 2021

Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58... Critical Unreviewed

CVE-2021-45658 was published Dec 27, 2021

An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53... Critical Unreviewed

CVE-2021-44530 was published Jan 15, 2022

Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11... Critical Unreviewed

CVE-2022-0582 was published Feb 15, 2022

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item... Critical Unreviewed

CVE-2022-24300 was published Feb 15, 2022

JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection)... Critical Unreviewed

CVE-2022-24442 was published Feb 26, 2022

NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CLRF injection. This... Critical Unreviewed

CVE-2022-25420 was published Mar 30, 2022

A vulnerability classified as critical was found in School Club Application System 1.0. This... Critical Unreviewed

CVE-2022-1287 was published Apr 10, 2022

TWiki allows arbitrary shell command execution via the Include function Critical Unreviewed

CVE-2005-3056 was published Apr 21, 2022

The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP... Critical Unreviewed

CVE-2011-2717 was published Apr 22, 2022

Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2022-27336 was published Apr 28, 2022

The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote... Critical Unreviewed

CVE-2013-7070 was published May 5, 2022

A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo... Critical Unreviewed

CVE-2022-24039 was published May 11, 2022

An exploitable command injection vulnerability exists in the DHCP daemon configuration of the... Critical Unreviewed

CVE-2018-3963 was published May 13, 2022

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/... Critical Unreviewed

CVE-2018-16763 was published May 13, 2022

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could... Critical Unreviewed

CVE-2017-14094 was published May 13, 2022

Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate... Critical Unreviewed

CVE-2017-7239 was published May 13, 2022

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and... Critical Unreviewed

CVE-2018-4995 was published May 13, 2022

Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to... Critical Unreviewed

CVE-2017-1000493 was published May 14, 2022

PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user... Critical Unreviewed

CVE-2019-8948 was published May 14, 2022

PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users... Critical Unreviewed

CVE-2016-9832 was published May 14, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

124 advisories