Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

4,643 advisories

Loading
Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to... High Unreviewed
CVE-2020-28905 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1316 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1317 was published May 24, 2022
Memory corruption due to improper input validation while processing IO control which is... High Unreviewed
CVE-2021-1892 was published May 24, 2022
An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to... High Unreviewed
CVE-2021-24023 was published May 24, 2022
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input... High Unreviewed
CVE-2021-31933 was published May 24, 2022
Improper Input Validation in Undertow High
CVE-2020-1757 was published for io.undertow:undertow-core (Maven) May 24, 2022
yawkat
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate... High Unreviewed
CVE-2020-0646 was published May 24, 2022
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to... High Unreviewed
CVE-2020-27828 was published May 24, 2022
VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior... High Unreviewed
CVE-2021-21999 was published May 24, 2022
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31950, CVE... High Unreviewed
CVE-2021-31948 was published May 24, 2022
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able... High Unreviewed
CVE-2020-24985 was published May 24, 2022
There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a... High Unreviewed
CVE-2021-3487 was published May 24, 2022
ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain... High Unreviewed
CVE-2021-27230 was published May 24, 2022
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1... High Unreviewed
CVE-2016-1351 was published May 17, 2022
Improper Input Validation in Apache Qpid AMQP 0-x JMS High
CVE-2016-4974 was published for org.apache.qpid:qpid-jms-client (Maven) May 14, 2022
An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the... High Unreviewed
CVE-2018-4026 was published May 24, 2022
Improper Input Validation in Drools and jBPM High
CVE-2014-8125 was published for org.drools:drools-core (Maven) May 17, 2022
Improper Input Validation in Apache Commons Email High
CVE-2017-9801 was published for org.apache.commons:commons-email (Maven) May 17, 2022
Improper Input Validation in Apache Struts High
CVE-2016-1182 was published for org.apache.struts:struts-core (Maven) May 13, 2022
Improper Input Validation in Apache Kafka High
CVE-2018-17196 was published for org.apache.kafka:kafka (Maven) May 24, 2022
Improper Input Validation in Apache Axis2 High
CVE-2010-1632 was published for org.apache.axis2.wso2:axis2 (Maven) May 17, 2022
In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before... High Unreviewed
CVE-2020-7452 was published May 24, 2022
A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X... High Unreviewed
CVE-2018-4054 was published May 13, 2022
The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL... High Unreviewed
CVE-2020-7224 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database