GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,660
Maven: 5,000+
npm: 4,289
NuGet: 760
pip: 4,069
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
27,504 advisories
INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an...
Critical
Unreviewed
CVE-2018-0670 was published May 14, 2022
autopsy version <= 4.9.0 contains an XML External Entity (XXE) vulnerability in CaseMetadata XML...
Critical
Unreviewed
CVE-2018-1000838 was published May 14, 2022
Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0...
Critical
Unreviewed
CVE-2018-1000875 was published May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices...
Critical
Unreviewed
CVE-2018-12670 was published May 14, 2022
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code...
Critical
Unreviewed
CVE-2018-19862 was published May 14, 2022
CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This is related to actionIndex...
Critical
Unreviewed
CVE-2018-20508 was published May 14, 2022
imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to...
Critical
Unreviewed
CVE-2018-20605 was published May 14, 2022
Traq 3.7.1 allows SQL Injection via a tickets?search= URI.
Critical
Unreviewed
CVE-2018-20779 was published May 14, 2022
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL...
Critical
Unreviewed
CVE-2019-6266 was published May 14, 2022
An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to...
Critical
Unreviewed
CVE-2018-9116 was published May 14, 2022
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows...
Critical
Unreviewed
CVE-2018-9843 was published May 14, 2022
Improper input validation in SCM handler to access storage in TZ can lead to unauthorized access...
Critical
Unreviewed
CVE-2018-13904 was published May 14, 2022
** DISPUTED ** mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML,...
Critical
Unreviewed
CVE-2018-19047 was published May 14, 2022
The yaml_parse.load method in Pylearn2 allows code injection.
Critical
Unreviewed
CVE-2018-20027 was published May 14, 2022
Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID...
Critical
Unreviewed
CVE-2019-7587 was published May 14, 2022
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a...
Critical
Unreviewed
CVE-2019-9034 was published May 14, 2022
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a...
Critical
Unreviewed
CVE-2019-9035 was published May 14, 2022
DEXTUploadX5 version between 1.0.0.0 and 2.2.0.0 contains a vulnerability that could allow remote...
Critical
Unreviewed
CVE-2018-5203 was published May 14, 2022
A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary...
Critical
Unreviewed
CVE-2018-19127 was published May 14, 2022
Ubilling version <= 0.9.2 contains an Other/Unknown vulnerability in user-controlled parameter...
Critical
Unreviewed
CVE-2018-1000827 was published May 14, 2022
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0...
Critical
Unreviewed
CVE-2018-18933 was published May 14, 2022
An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function...
Critical
Unreviewed
CVE-2018-19417 was published May 14, 2022
includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability...
Critical
Unreviewed
CVE-2019-5720 was published May 14, 2022
MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a...
Critical
Unreviewed
CVE-2015-9278 was published May 14, 2022
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine...
Critical
Unreviewed
CVE-2018-8955 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.