GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
27,493 advisories
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c...
Critical | Unreviewed | CVE-2017-18174 was published May 14, 2022

MailEnable before 8.60 allows Directory Traversal for reading the messages of other users,...
Critical | Unreviewed | CVE-2015-9277 was published May 14, 2022

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible...
Critical | Unreviewed | CVE-2018-5492 was published May 14, 2022

SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be...
Critical | Unreviewed | CVE-2019-0247 was published May 14, 2022

Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
Critical | Unreviewed | CVE-2019-5893 was published May 14, 2022

An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article...
Critical | Unreviewed | CVE-2019-6259 was published May 14, 2022

An issue was discovered in weixin-java-tools v3.2.0. There is an XXE vulnerability in the...
Critical | Unreviewed | CVE-2018-20318 was published May 14, 2022

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,...
Critical | Unreviewed | CVE-2018-20768 was published May 14, 2022

In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018...
Critical | Unreviewed | CVE-2018-4169 was published May 14, 2022

In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS...
Critical | Unreviewed | CVE-2018-4147 was published May 14, 2022

ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could...
Critical | Unreviewed | CVE-2018-5204 was published May 14, 2022

A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/,...
Critical | Unreviewed | CVE-2019-7678 was published May 14, 2022

taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name...
Critical | Unreviewed | CVE-2019-7720 was published May 14, 2022

The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or...
Critical | Unreviewed | CVE-2018-18801 was published May 14, 2022

HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded...
Critical | Unreviewed | CVE-2018-19468 was published May 14, 2022

School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php...
Critical | Unreviewed | CVE-2018-18795 was published May 14, 2022

In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and...
Critical | Unreviewed | CVE-2018-4189 was published May 14, 2022

In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking.
Critical | Unreviewed | CVE-2018-4258 was published May 14, 2022

In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue...
Critical | Unreviewed | CVE-2018-4254 was published May 14, 2022

In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation.
Critical | Unreviewed | CVE-2018-4257 was published May 14, 2022

Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to...
Critical | Unreviewed | CVE-2018-16068 was published May 14, 2022

SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to...
Critical | Unreviewed | CVE-2018-16188 was published May 14, 2022

Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2...
Critical | Unreviewed | CVE-2018-19240 was published May 14, 2022

SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2018-20732 was published May 14, 2022

Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include...
Critical | Unreviewed | CVE-2018-18804 was published May 14, 2022