GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
23,703 advisories
An internal security review has identified an unauthenticated remote code execution vulnerability...
Critical | Unreviewed | CVE-2020-8349 was published May 24, 2022
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the...
Critical | Unreviewed | CVE-2020-25566 was published May 24, 2022
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173...
Critical | Unreviewed | CVE-2020-27239 was published May 24, 2022
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173...
Critical | Unreviewed | CVE-2020-27237 was published May 24, 2022
Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model...
Critical | Unreviewed | CVE-2020-5647 was published May 24, 2022
A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T...
Critical | Unreviewed | CVE-2021-21810 was published May 24, 2022
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173...
Critical | Unreviewed | CVE-2020-27233 was published May 24, 2022
The manage users profile services of the network camera device allows an authenticated. Remote...
Critical | Unreviewed | CVE-2021-30167 was published May 24, 2022
The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug...
Critical | Unreviewed | CVE-2021-24527 was published May 24, 2022
Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT...
Critical | Unreviewed | CVE-2020-5644 was published May 24, 2022
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists...
Critical | Unreviewed | CVE-2021-26084 was published May 24, 2022
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain...
Critical | Unreviewed | CVE-2021-28171 was published May 24, 2022
WriteRegistry function in TSSServiSign component does not filter and verify users’ input, remote...
Critical | Unreviewed | CVE-2021-37909 was published May 24, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Critical | Unreviewed | CVE-2021-31884 was published May 24, 2022
Improper Certificate Validation in Apache Netbeans
Critical | CVE-2019-17560 was published for org.codehaus.mevenide:netbeans (Maven) May 24, 2022
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire...
Critical | Unreviewed | CVE-2020-25565 was published May 24, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC...
Critical | Unreviewed | CVE-2020-28212 was published May 24, 2022
NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a...
Critical | Unreviewed | CVE-2020-25843 was published May 24, 2022
Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager,...
Critical | Unreviewed | CVE-2021-32522 was published May 24, 2022
ECOA BAS controller’s special page displays user account and passwords in plain text, thus...
Critical | Unreviewed | CVE-2021-41300 was published May 24, 2022
Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to...
Critical | Unreviewed | CVE-2021-32520 was published May 24, 2022
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file...
Critical | Unreviewed | CVE-2021-23280 was published May 24, 2022
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323...
Critical | Unreviewed | CVE-2020-14305 was published May 24, 2022
Mautic stored Cross-site Scripting (XSS)
Critical | CVE-2020-35129 was published for mautic/core (Composer) May 24, 2022
In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only...
Critical | Unreviewed | CVE-2021-20999 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.