GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,660
Maven: 5,000+
npm: 4,289
NuGet: 760
pip: 4,069
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
27,504 advisories
AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update...
Critical | Unreviewed | CVE-2017-18160 was published May 14, 2022

The installer for BitDefender GravityZone relies on an encoded string in a filename to determine...
Critical | Unreviewed | CVE-2018-8955 was published May 14, 2022

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when...
Critical | Unreviewed | CVE-2018-17157 was published May 14, 2022

MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a...
Critical | Unreviewed | CVE-2015-9278 was published May 14, 2022

AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters...
Critical | Unreviewed | CVE-2018-18923 was published May 14, 2022

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper...
Critical | Unreviewed | CVE-2018-9476 was published May 14, 2022

Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an...
Critical | Unreviewed | CVE-2016-1000271 was published May 14, 2022

Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to...
Critical | Unreviewed | CVE-2016-1142 was published May 14, 2022

Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to...
Critical | Unreviewed | CVE-2013-5654 was published May 14, 2022

IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote...
Critical | Unreviewed | CVE-2022-22425 was published Nov 4, 2022

MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter.
Critical | Unreviewed | CVE-2020-22818 was published Nov 3, 2022

MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter.
Critical | Unreviewed | CVE-2020-22820 was published Nov 3, 2022

Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
Critical | Unreviewed | CVE-2019-6440 was published May 14, 2022

The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B)...
Critical | Unreviewed | CVE-2018-12667 was published May 14, 2022

Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3...
Critical | Unreviewed | CVE-2018-14749 was published May 14, 2022

An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated...
Critical | Unreviewed | CVE-2018-17298 was published May 14, 2022

Vanilla 2.6.x before 2.6.4 allows remote code execution.
Critical | Unreviewed | CVE-2018-18903 was published May 14, 2022

An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the gil::get_color function in...
Critical | Unreviewed | CVE-2019-6246 was published May 14, 2022

The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL injection via the oxid or...
Critical | Unreviewed | CVE-2018-20715 was published May 14, 2022

CubeCart before 6.1.13 has SQL Injection via the validate[] parameter of the "I forgot my...
Critical | Unreviewed | CVE-2018-20716 was published May 14, 2022

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj]...
Critical | Unreviewed | CVE-2019-8429 was published May 14, 2022

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php...
Critical | Unreviewed | CVE-2019-3577 was published May 14, 2022

An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack...
Critical | Unreviewed | CVE-2019-6443 was published May 14, 2022

An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack...
Critical | Unreviewed | CVE-2019-6444 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.