Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

900 advisories

Loading
Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo... Critical Unreviewed
CVE-2018-15632 was published May 24, 2022
In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to... Critical Unreviewed
CVE-2020-28870 was published May 24, 2022
Deleting users with certain names caused system files to be deleted. Risk is higher for systems... Critical Unreviewed
CVE-2020-28645 was published May 24, 2022
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit... Critical Unreviewed
CVE-2020-9139 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in fileController.php. Critical Unreviewed
CVE-2016-9026 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php. Critical Unreviewed
CVE-2016-9023 was published May 24, 2022
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of... Critical Unreviewed
CVE-2020-25765 was published May 24, 2022
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin... Critical Unreviewed
CVE-2020-28971 was published May 24, 2022
Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php. Critical Unreviewed
CVE-2016-9025 was published May 24, 2022
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An... Critical Unreviewed
CVE-2020-24679 was published May 24, 2022
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to... Critical Unreviewed
CVE-2020-27125 was published May 24, 2022
A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS... Critical Unreviewed
CVE-2020-3426 was published May 24, 2022
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all... Critical Unreviewed
CVE-2020-25787 was published May 24, 2022
Multiple memory corruption issues were addressed with improved input validation. This issue is... Critical Unreviewed
CVE-2019-8749 was published May 24, 2022
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization... Critical Unreviewed
CVE-2020-27159 was published May 24, 2022
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC)... Critical Unreviewed
CVE-2020-3470 was published May 24, 2022
Multiple memory corruption issues were addressed with improved input validation. This issue is... Critical Unreviewed
CVE-2019-8756 was published May 24, 2022
A remote bytemessageresource transformentity" input validation code execution vulnerability was... Critical Unreviewed
CVE-2020-24649 was published May 24, 2022
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines... Critical Unreviewed
CVE-2020-28037 was published May 24, 2022
A remote accessmgrservlet classname input validation code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-24647 was published May 24, 2022
A validation issue existed in Trust Anchor Management. This issue was addressed with improved... Critical Unreviewed
CVE-2019-8531 was published May 24, 2022
Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is... Critical Unreviewed
CVE-2020-15374 was published May 24, 2022
A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before... Critical Unreviewed
CVE-2020-24753 was published May 24, 2022
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter... Critical Unreviewed
CVE-2020-11698 was published May 24, 2022
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox Server before 4.2.3. Critical Unreviewed
CVE-2020-24376 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database