GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
30,740 advisories
An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2018-19196 was published May 14, 2022
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to...
Critical | Unreviewed | CVE-2018-9446 was published May 14, 2022
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow...
Critical | Unreviewed | CVE-2017-7862 was published May 14, 2022
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote...
Critical | Unreviewed | CVE-2018-7114 was published May 14, 2022
The VideoWhisper videowhisper-video-conference-integration plugin 4.91.8 for WordPress allows...
Critical | Unreviewed | CVE-2015-9271 was published May 14, 2022
There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4.
Critical | Unreviewed | CVE-2018-18200 was published May 14, 2022
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful...
Critical | Unreviewed | CVE-2018-15981 was published May 14, 2022
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP...
Critical | Unreviewed | CVE-2018-19220 was published May 14, 2022
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php...
Critical | Unreviewed | CVE-2018-19221 was published May 14, 2022
statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows...
Critical | Unreviewed | CVE-2018-19180 was published May 14, 2022
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute...
Critical | Unreviewed | CVE-2018-19126 was published May 14, 2022
SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html...
Critical | Unreviewed | CVE-2018-19893 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical | Unreviewed | CVE-2018-19067 was published May 14, 2022
gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via...
Critical | Unreviewed | CVE-2013-4451 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical | Unreviewed | CVE-2018-19063 was published May 14, 2022
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory...
Critical | Unreviewed | CVE-2018-18869 was published May 14, 2022
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta
Critical | Unreviewed | CVE-2018-9208 was published May 14, 2022
Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in...
Critical | Unreviewed | CVE-2017-18318 was published May 14, 2022
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1...
Critical | Unreviewed | CVE-2016-10190 was published May 14, 2022
An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in...
Critical | Unreviewed | CVE-2018-16521 was published May 14, 2022
DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.
Critical | Unreviewed | CVE-2018-19061 was published May 14, 2022
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication...
Critical | Unreviewed | CVE-2018-12242 was published May 14, 2022
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing...
Critical | Unreviewed | CVE-2018-18765 was published May 14, 2022
TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load...
Critical | Unreviewed | CVE-2018-19528 was published May 14, 2022
An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist...
Critical | Unreviewed | CVE-2018-19558 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.