GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
27,645 advisories
Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read...
Critical | Unreviewed | CVE-2018-0705 was published May 14, 2022
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via...
Critical | Unreviewed | CVE-2018-16167 was published May 14, 2022
Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute...
Critical | Unreviewed | CVE-2018-19415 was published May 14, 2022
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and...
Critical | Unreviewed | CVE-2018-12671 was published May 14, 2022
An XML External Entity (XXE) vulnerability exists in iWay Data Quality Suite Web Console 10.6.1...
Critical | Unreviewed | CVE-2018-17411 was published May 14, 2022
Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via...
Critical | Unreviewed | CVE-2018-18963 was published May 14, 2022
SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in...
Critical | Unreviewed | CVE-2018-18399 was published May 14, 2022
WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL injection via the index.php?m...
Critical | Unreviewed | CVE-2018-20572 was published May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An...
Critical | Unreviewed | CVE-2018-1000625 was published May 14, 2022
OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) version v3.6-2 and earlier...
Critical | Unreviewed | CVE-2019-1000023 was published May 14, 2022
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
Critical | Unreviewed | CVE-2018-15362 was published May 14, 2022
user/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows...
Critical | Unreviewed | CVE-2018-20569 was published May 14, 2022
"IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE)...
Critical | Unreviewed | CVE-2022-40747 was published Nov 4, 2022
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2018-19861 was published May 14, 2022
phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that...
Critical | Unreviewed | CVE-2018-1000869 was published May 14, 2022
In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a...
Critical | Unreviewed | CVE-2018-9355 was published May 14, 2022
ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a...
Critical | Unreviewed | CVE-2012-6710 was published May 14, 2022
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory...
Critical | Unreviewed | CVE-2019-7234 was published May 14, 2022
K9Mail version <= v5.600 contains a XML External Entity (XXE) vulnerability in WebDAV response...
Critical | Unreviewed | CVE-2018-1000831 was published May 14, 2022
MicroMathematics version before commit 5c05ac8 contains a XML External Entity (XXE) vulnerability...
Critical | Unreviewed | CVE-2018-1000821 was published May 14, 2022
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier...
Critical | Unreviewed | CVE-2018-13045 was published May 14, 2022
runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in...
Critical | Unreviewed | CVE-2018-1000834 was published May 14, 2022
Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation...
Critical | Unreviewed | CVE-2018-1000881 was published May 14, 2022
Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authentication for TELNET, SSH, or FTP,...
Critical | Unreviewed | CVE-2013-7465 was published May 14, 2022
HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in ...
Critical | Unreviewed | CVE-2018-1000871 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.