GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,350; Erlang 31; GitHub Actions 22; Go 2,119; Maven 5,000+; npm 3,770; NuGet 680; pip 3,459; Pub 12; RubyGems 892; Rust 888; Swift 38
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,084 advisories
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
High | Unreviewed | CVE-2011-1830 was published Apr 22, 2022
The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the...
High | Unreviewed | CVE-2022-0661 was published Apr 19, 2022
A zero-code remote code injection vulnerability via configuration.php in Chamilo LMS v1.11.13...
High | Unreviewed | CVE-2022-27427 was published Apr 16, 2022
Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account...
High | Unreviewed | CVE-2021-39114 was published Apr 6, 2022
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute...
High | Unreviewed | CVE-2022-26982 was published Apr 6, 2022
In all versions of GitLab CE/EE, certain Unicode characters can be abused to commit malicious...
High | Unreviewed | CVE-2021-39908 was published Apr 3, 2022
Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who...
High | Unreviewed | CVE-2022-1159 was published Apr 3, 2022
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is...
High | Unreviewed | CVE-2022-0687 was published Mar 22, 2022
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434...
High | Unreviewed | CVE-2020-25197 was published Mar 19, 2022
Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad...
High | Unreviewed | CVE-2022-0944 was published Mar 16, 2022
The absence of filters when loading some sections in the web application of the vulnerable device...
High | Unreviewed | CVE-2022-22985 was published Mar 11, 2022
The absence of filters when loading some sections in the web application of the vulnerable device...
High | Unreviewed | CVE-2022-24915 was published Mar 11, 2022
This issue exists to document that a security improvement in the way that Jira Server and Data...
High | Unreviewed | CVE-2021-43944 was published Mar 9, 2022
The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to...
High | Unreviewed | CVE-2022-0440 was published Mar 8, 2022
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is...
High | Unreviewed | CVE-2022-22909 was published Mar 4, 2022
diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to...
High | Unreviewed | CVE-2021-41282 was published Mar 3, 2022
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code...
High | Unreviewed | CVE-2022-25018 was published Mar 2, 2022
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,
High | Unreviewed | CVE-2021-44238 was published Mar 2, 2022
There is a code injection vulnerability in smartphones. Successful exploitation of this...
High | Unreviewed | CVE-2021-22395 was published Feb 26, 2022
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via...
High | Unreviewed | CVE-2022-24664 was published Feb 17, 2022
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via...
High | Unreviewed | CVE-2022-24663 was published Feb 17, 2022
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a...
High | Unreviewed | CVE-2022-24665 was published Feb 17, 2022
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKit...
High | Unreviewed | CVE-2021-46117 was published Jan 27, 2022
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit...
High | Unreviewed | CVE-2021-46118 was published Jan 27, 2022
jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail....
High | Unreviewed | CVE-2021-46114 was published Jan 27, 2022
ProTip! Advisories are also available from the GraphQL API.