GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,350
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,681
NuGet 650
pip 3,298
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,415

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,229 advisories

Filter by severity

Sort by

Least recently updated

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination... Critical Unreviewed

CVE-2020-11188 was published May 24, 2022

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework... Critical Unreviewed

CVE-2021-26987 was published May 24, 2022

The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,... Critical Unreviewed

CVE-2020-28899 was published May 24, 2022

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote... Critical Unreviewed

CVE-2020-24264 was published May 24, 2022

DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On... Critical Unreviewed

CVE-2020-35358 was published May 24, 2022

myDBR 5.8.3/4262 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary... Critical Unreviewed

CVE-2020-28149 was published May 24, 2022

A SQL injection vulnerability in zzzphp v1.8.0 through /form/index.php?module=getjson may lead to... Critical Unreviewed

CVE-2020-24877 was published May 24, 2022

Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM)... Critical Unreviewed

CVE-2021-27646 was published May 24, 2022

Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM... Critical Unreviewed

CVE-2021-27647 was published May 24, 2022

A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead... Critical Unreviewed

CVE-2021-20231 was published May 24, 2022

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext... Critical Unreviewed

CVE-2021-20232 was published May 24, 2022

** DISPUTED ** Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access.... Critical Unreviewed

CVE-2021-28154 was published May 24, 2022

An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows... Critical Unreviewed

CVE-2021-28141 was published May 24, 2022

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution... Critical Unreviewed

CVE-2021-28132 was published May 24, 2022

Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC... Critical Unreviewed

CVE-2021-28134 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26893 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26897 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26895 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877,... Critical Unreviewed

CVE-2021-26894 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26893,... Critical Unreviewed

CVE-2021-26877 was published May 24, 2022

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability... Critical Unreviewed

CVE-2021-22714 was published May 24, 2022

The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2020-29045 was published May 24, 2022

When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of... Critical Unreviewed

CVE-2020-1900 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name()... Critical Unreviewed

CVE-2016-20009 was published May 24, 2022

Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. A remote attacker... Critical Unreviewed

CVE-2021-28119 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,229 advisories