GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
30,224 advisories
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,...
Critical | Unreviewed | CVE-2018-20768 was published May 14, 2022

ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could...
Critical | Unreviewed | CVE-2018-5204 was published May 14, 2022

An issue was discovered in weixin-java-tools v3.2.0. There is an XXE vulnerability in the...
Critical | Unreviewed | CVE-2018-20318 was published May 14, 2022

In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018...
Critical | Unreviewed | CVE-2018-4169 was published May 14, 2022

SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be...
Critical | Unreviewed | CVE-2019-0247 was published May 14, 2022

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible...
Critical | Unreviewed | CVE-2018-5492 was published May 14, 2022

Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
Critical | Unreviewed | CVE-2019-5893 was published May 14, 2022

In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS...
Critical | Unreviewed | CVE-2018-4147 was published May 14, 2022

An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article...
Critical | Unreviewed | CVE-2019-6259 was published May 14, 2022

MailEnable before 8.60 allows Directory Traversal for reading the messages of other users,...
Critical | Unreviewed | CVE-2015-9277 was published May 14, 2022

A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/,...
Critical | Unreviewed | CVE-2019-7678 was published May 14, 2022

In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue...
Critical | Unreviewed | CVE-2018-4254 was published May 14, 2022

HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded...
Critical | Unreviewed | CVE-2018-19468 was published May 14, 2022

In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation.
Critical | Unreviewed | CVE-2018-4257 was published May 14, 2022

In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking.
Critical | Unreviewed | CVE-2018-4258 was published May 14, 2022

SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to...
Critical | Unreviewed | CVE-2018-16188 was published May 14, 2022

Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to...
Critical | Unreviewed | CVE-2018-16068 was published May 14, 2022

The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or...
Critical | Unreviewed | CVE-2018-18801 was published May 14, 2022

School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php...
Critical | Unreviewed | CVE-2018-18795 was published May 14, 2022

In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and...
Critical | Unreviewed | CVE-2018-4189 was published May 14, 2022

SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2018-20732 was published May 14, 2022

An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get...
Critical | Unreviewed | CVE-2019-7568 was published May 14, 2022

Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2...
Critical | Unreviewed | CVE-2018-19240 was published May 14, 2022

Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read...
Critical | Unreviewed | CVE-2018-0705 was published May 14, 2022

Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute...
Critical | Unreviewed | CVE-2018-19415 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.