GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 31,556
Composer 5,975
Erlang 73
GitHub Actions 53
Go 4,004
Maven 6,648
npm 6,420
NuGet 974
pip 5,303
Pub 13
RubyGems 1,069
Rust 1,395
Swift 61

Unreviewed advisories

All unreviewed 307,830

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

30,740 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No... Critical Unreviewed

CVE-2019-11523 was published May 24, 2022

An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and... Critical Unreviewed

CVE-2019-12135 was published May 24, 2022

Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4... Critical Unreviewed

CVE-2019-3723 was published May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET... Critical Unreviewed

CVE-2018-10698 was published May 24, 2022

An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through... Critical Unreviewed

CVE-2018-20091 was published May 24, 2022

A security regression of CVE-2019-9636 was discovered in python since commit... Critical Unreviewed

CVE-2019-10160 was published May 24, 2022

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL... Critical Unreviewed

CVE-2019-12600 was published May 24, 2022

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL... Critical Unreviewed

CVE-2019-12598 was published May 24, 2022

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with... Critical Unreviewed

CVE-2019-12776 was published May 24, 2022

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL... Critical Unreviewed

CVE-2019-12601 was published May 24, 2022

Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi... Critical Unreviewed

CVE-2019-12771 was published May 24, 2022

SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection. Critical Unreviewed

CVE-2019-12599 was published May 24, 2022

In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to... Critical Unreviewed

CVE-2019-2097 was published May 24, 2022

HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter. Critical Unreviewed

CVE-2019-9087 was published May 24, 2022

HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter. Critical Unreviewed

CVE-2019-9086 was published May 24, 2022

An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the... Critical Unreviewed

CVE-2018-20353 was published May 24, 2022

An invalid write of 8 bytes due to a use-after-free vulnerability in the... Critical Unreviewed

CVE-2018-20355 was published May 24, 2022

An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the... Critical Unreviewed

CVE-2018-20354 was published May 24, 2022

The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the... Critical Unreviewed

CVE-2019-12780 was published May 24, 2022

An invalid read of 8 bytes due to a use-after-free vulnerability in the... Critical Unreviewed

CVE-2018-20356 was published May 24, 2022

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users'... Critical Unreviewed

CVE-2019-9880 was published May 24, 2022

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with... Critical Unreviewed

CVE-2019-9879 was published May 24, 2022

An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. There is Command Injection... Critical Unreviewed

CVE-2017-18377 was published May 24, 2022

On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell... Critical Unreviewed

CVE-2016-10760 was published May 24, 2022

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary... Critical Unreviewed

CVE-2018-11800 was published May 24, 2022

Previous 1…400Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

30,740 advisories