GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
26,310 advisories
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext...
Critical, Unreviewed. CVE-2018-20839 was published May 24, 2022

An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit...
Critical, Unreviewed. CVE-2018-17181 was published May 24, 2022

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task...
Critical, Unreviewed. CVE-2018-17179 was published May 24, 2022

In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10,...
Critical, Unreviewed. CVE-2019-5597 was published May 24, 2022

RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to...
Critical, Unreviewed. CVE-2019-3725 was published May 24, 2022

ClientServiceConfigController.cs in Enghouse Cloud Contact Center Platform 7.2.5 has...
Critical, Unreviewed. CVE-2018-8940 was published May 24, 2022

An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4...
Critical, Unreviewed. CVE-2018-6885 was published May 24, 2022

LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary...
Critical, Unreviewed. CVE-2018-14839 was published May 24, 2022

The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p...
Critical, Unreviewed. CVE-2018-18800 was published May 24, 2022

In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can...
Critical, Unreviewed. CVE-2019-7690 was published May 24, 2022

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product...
Critical, Unreviewed. CVE-2019-11680 was published May 24, 2022

An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow...
Critical, Unreviewed. CVE-2018-18912 was published May 24, 2022

An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and...
Critical, Unreviewed. CVE-2018-15128 was published May 24, 2022

System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows...
Critical, Unreviewed. CVE-2018-14714 was published May 24, 2022

Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The...
Critical, Unreviewed. CVE-2015-9287 was published May 24, 2022

openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request...
Critical, Unreviewed. CVE-2019-11066 was published May 24, 2022

Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a...
Critical, Unreviewed. CVE-2019-11059 was published May 24, 2022

A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy...
Critical, Unreviewed. CVE-2018-7120 was published May 24, 2022

Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by:...
Critical, Unreviewed. CVE-2017-12759 was published May 24, 2022

Certain Ambit Technologies Pvt. Ltd products are affected by: SQL Injection. This affects iTech...
Critical, Unreviewed. CVE-2017-12757 was published May 24, 2022

An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk...
Critical, Unreviewed. CVE-2019-7442 was published May 24, 2022

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check....
Critical, Unreviewed. CVE-2019-2045 was published May 24, 2022

A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models...
Critical, Unreviewed. CVE-2019-11560 was published May 24, 2022

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1...
Critical, Unreviewed. CVE-2018-6634 was published May 24, 2022

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext...
Critical, Unreviewed. CVE-2018-13992 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.