GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
30,225 advisories
ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql...
Critical | Unreviewed | CVE-2019-8428 was published May 14, 2022

Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service ...
Critical | Unreviewed | CVE-2018-0668 was published May 14, 2022

Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS...
Critical | Unreviewed | CVE-2018-0651 was published May 14, 2022

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command...
Critical | Unreviewed | CVE-2019-7297 was published May 14, 2022

Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized...
Critical | Unreviewed | CVE-2015-4615 was published May 14, 2022

The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has...
Critical | Unreviewed | CVE-2018-8971 was published May 14, 2022

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has...
Critical | Unreviewed | CVE-2018-19925 was published May 14, 2022

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php...
Critical | Unreviewed | CVE-2019-7585 was published May 14, 2022

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3...
Critical | Unreviewed | CVE-2016-5636 was published May 14, 2022

A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is...
Critical | Unreviewed | CVE-2018-18504 was published May 14, 2022

inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information...
Critical | Unreviewed | CVE-2019-3576 was published May 14, 2022

Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does...
Critical | Unreviewed | CVE-2015-8876 was published May 14, 2022

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection...
Critical | Unreviewed | CVE-2018-20148 was published May 14, 2022

Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man...
Critical | Unreviewed | CVE-2018-1000829 was published May 14, 2022

WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a...
Critical | Unreviewed | CVE-2019-6519 was published May 14, 2022

An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of...
Critical | Unreviewed | CVE-2018-7836 was published May 14, 2022

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in...
Critical | Unreviewed | CVE-2018-20300 was published May 14, 2022

Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker could send specially...
Critical | Unreviewed | CVE-2018-1000631 was published May 14, 2022

The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files...
Critical | Unreviewed | CVE-2018-6152 was published May 14, 2022

The server API in the Anda app relies on hardcoded credentials.
Critical | Unreviewed | CVE-2018-13342 was published May 14, 2022

imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to...
Critical | Unreviewed | CVE-2018-20605 was published May 14, 2022

Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining...
Critical | Unreviewed | CVE-2018-8096 was published May 14, 2022

A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which...
Critical | Unreviewed | CVE-2018-7800 was published May 14, 2022

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL...
Critical | Unreviewed | CVE-2019-6266 was published May 14, 2022

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices...
Critical | Unreviewed | CVE-2018-12670 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.