GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
30,740 advisories
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340,...
Critical | Unreviewed | CVE-2018-7241 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
Critical | Unreviewed | CVE-2018-18792 was published May 14, 2022
Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection.
Critical | Unreviewed | CVE-2018-17243 was published May 14, 2022
Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers...
Critical | Unreviewed | CVE-2018-13315 was published May 14, 2022
An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main...
Critical | Unreviewed | CVE-2018-19557 was published May 14, 2022
CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the...
Critical | Unreviewed | CVE-2018-19559 was published May 14, 2022
ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request...
Critical | Unreviewed | CVE-2016-10731 was published May 14, 2022
Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an...
Critical | Unreviewed | CVE-2018-15540 was published May 14, 2022
Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter.
Critical | Unreviewed | CVE-2018-18822 was published May 14, 2022
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by...
Critical | Unreviewed | CVE-2018-14957 was published May 14, 2022
SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection.
Critical | Unreviewed | CVE-2018-18763 was published May 14, 2022
Library Management System 1.0 has SQL Injection via the "Search for Books" screen.
Critical | Unreviewed | CVE-2018-18796 was published May 14, 2022
Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.
Critical | Unreviewed | CVE-2018-18861 was published May 14, 2022
HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because...
Critical | Unreviewed | CVE-2018-19530 was published May 14, 2022
HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because...
Critical | Unreviewed | CVE-2018-19531 was published May 14, 2022
FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in...
Critical | Unreviewed | CVE-2018-1000825 was published May 14, 2022
XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser...
Critical | Unreviewed | CVE-2018-1000830 was published May 14, 2022
Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse...
Critical | Unreviewed | CVE-2018-18803 was published May 14, 2022
The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126...
Critical | Unreviewed | CVE-2018-1000810 was published May 14, 2022
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified...
Critical | Unreviewed | CVE-2018-0694 was published May 14, 2022
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings...
Critical | Unreviewed | CVE-2018-17881 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4...
Critical | Unreviewed | CVE-2018-0681 was published May 14, 2022
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free....
Critical | Unreviewed | CVE-2018-9356 was published May 14, 2022
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and...
Critical | Unreviewed | CVE-2018-19081 was published May 14, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Critical | Unreviewed | CVE-2018-11905 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.