GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories
Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php...
Critical, Unreviewed. CVE-2019-8360 was published May 14, 2022

Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote...
Critical, Unreviewed. CVE-2016-0639 was published May 14, 2022

Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service ...
Critical, Unreviewed. CVE-2018-0668 was published May 14, 2022

There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute...
Critical, Unreviewed. CVE-2019-6503 was published May 14, 2022

Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized...
Critical, Unreviewed. CVE-2015-4615 was published May 14, 2022

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.
Critical, Unreviewed. CVE-2019-8424 was published May 14, 2022

ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql...
Critical, Unreviewed. CVE-2019-8428 was published May 14, 2022

Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS...
Critical, Unreviewed. CVE-2018-0651 was published May 14, 2022

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command...
Critical, Unreviewed. CVE-2019-7297 was published May 14, 2022

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has...
Critical, Unreviewed. CVE-2018-19925 was published May 14, 2022

A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is...
Critical, Unreviewed. CVE-2018-18504 was published May 14, 2022

The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has...
Critical, Unreviewed. CVE-2018-8971 was published May 14, 2022

inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information...
Critical, Unreviewed. CVE-2019-3576 was published May 14, 2022

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php...
Critical, Unreviewed. CVE-2019-7585 was published May 14, 2022

Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does...
Critical, Unreviewed. CVE-2015-8876 was published May 14, 2022

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3...
Critical, Unreviewed. CVE-2016-5636 was published May 14, 2022

Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man...
Critical, Unreviewed. CVE-2018-1000829 was published May 14, 2022

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in...
Critical, Unreviewed. CVE-2018-20300 was published May 14, 2022

An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of...
Critical, Unreviewed. CVE-2018-7836 was published May 14, 2022

WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a...
Critical, Unreviewed. CVE-2019-6519 was published May 14, 2022

The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files...
Critical, Unreviewed. CVE-2018-6152 was published May 14, 2022

The server API in the Anda app relies on hardcoded credentials.
Critical, Unreviewed. CVE-2018-13342 was published May 14, 2022

Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker could send specially...
Critical, Unreviewed. CVE-2018-1000631 was published May 14, 2022

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection...
Critical, Unreviewed. CVE-2018-20148 was published May 14, 2022

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices...
Critical, Unreviewed. CVE-2018-12670 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.