GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,473

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

19,966 advisories

Filter by severity

Sort by

Least recently updated

Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA... Critical Unreviewed

CVE-2021-3160 was published May 24, 2022

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions... Critical Unreviewed

CVE-2020-25784 was published May 24, 2022

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions... Critical Unreviewed

CVE-2020-25785 was published May 24, 2022

IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2020-4682 was published May 24, 2022

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions... Critical Unreviewed

CVE-2020-25783 was published May 24, 2022

An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions... Critical Unreviewed

CVE-2020-25782 was published May 24, 2022

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation... Critical Unreviewed

CVE-2021-3325 was published May 24, 2022

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the... Critical Unreviewed

CVE-2021-25311 was published May 24, 2022

oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where... Critical Unreviewed

CVE-2020-23360 was published May 24, 2022

phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for... Critical Unreviewed

CVE-2020-23361 was published May 24, 2022

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform... Critical Unreviewed

CVE-2021-3304 was published May 24, 2022

WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because... Critical Unreviewed

CVE-2020-23359 was published May 24, 2022

Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server... Critical Unreviewed

CVE-2021-3199 was published May 24, 2022

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when... Critical Unreviewed

CVE-2021-3185 was published May 24, 2022

phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports. Critical Unreviewed

CVE-2021-3188 was published May 24, 2022

Local Service Search Engine Management System 1.0 has a vulnerability through authentication... Critical Unreviewed

CVE-2021-3278 was published May 24, 2022

Improper access and command validation in the Docker config wizard of Nagios XI before 5.8.0... Critical Unreviewed

CVE-2021-3193 was published May 24, 2022

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is... Critical Unreviewed

CVE-2021-3286 was published May 24, 2022

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server... Critical Unreviewed

CVE-2020-6779 was published May 24, 2022

EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin... Critical Unreviewed

CVE-2020-35263 was published May 24, 2022

Student Result Management System In PHP With Source Code is affected by SQL injection. An... Critical Unreviewed

CVE-2020-35270 was published May 24, 2022

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the... Critical Unreviewed

CVE-2020-28998 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** IBM InfoSphere Information Server 8.5.0.0 is affected by... Critical Unreviewed

CVE-2020-27583 was published May 24, 2022

The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to... Critical Unreviewed

CVE-2020-27299 was published May 24, 2022

Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater... Critical Unreviewed

CVE-2020-27539 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

19,966 advisories