GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
30,740 advisories
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra...
Critical | Unreviewed | CVE-2018-20160 was published May 24, 2022
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML...
Critical | Unreviewed | CVE-2019-9670 was published May 24, 2022
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the...
Critical | Unreviewed | CVE-2019-8457 was published May 24, 2022
Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in...
Critical | Unreviewed | CVE-2019-9874 was published May 24, 2022
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184)...
Critical | Unreviewed | CVE-2019-9891 was published May 24, 2022
Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with...
Critical | Unreviewed | CVE-2019-9871 was published May 24, 2022
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which...
Critical | Unreviewed | CVE-2018-20815 was published May 24, 2022
In Godot through 3.1, remote code execution is possible due to the deserialization policy not...
Critical | Unreviewed | CVE-2019-10069 was published May 24, 2022
SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS...
Critical | Unreviewed | CVE-2019-10123 was published May 24, 2022
NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to...
Critical | Unreviewed | CVE-2019-9653 was published May 24, 2022
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00...
Critical | Unreviewed | CVE-2019-6725 was published May 24, 2022
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices...
Critical | Unreviewed | CVE-2019-9106 was published May 24, 2022
A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote...
Critical | Unreviewed | CVE-2017-14854 was published May 24, 2022
An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat...
Critical | Unreviewed | CVE-2017-14728 was published May 24, 2022
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017...
Critical | Unreviewed | CVE-2017-14853 was published May 24, 2022
An insecure communication was found between a user and the Orpak SiteOmat management console for...
Critical | Unreviewed | CVE-2017-14852 was published May 24, 2022
A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The...
Critical | Unreviewed | CVE-2017-14851 was published May 24, 2022
Incorrect access control was discovered in the stdonato Dashboard plugin through 0.9.7 for GLPI,...
Critical | Unreviewed | CVE-2019-12530 was published May 24, 2022
The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file...
Critical | Unreviewed | CVE-2019-11185 was published May 24, 2022
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows...
Critical | Unreviewed | CVE-2019-11356 was published May 24, 2022
Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow...
Critical | Unreviewed | CVE-2019-10883 was published May 24, 2022
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic...
Critical | Unreviewed | CVE-2019-11367 was published May 24, 2022
Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka...
Critical | Unreviewed | CVE-2019-12373 was published May 24, 2022
A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka...
Critical | Unreviewed | CVE-2019-12377 was published May 24, 2022
ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory...
Critical | Unreviewed | CVE-2019-12310 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.