GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,628
Composer 5,817
Erlang 61
GitHub Actions 50
Go 3,821
Maven 6,571
npm 6,204
NuGet 939
pip 5,090
Pub 13
RubyGems 1,059
Rust 1,357
Swift 54

Unreviewed advisories

All unreviewed 302,755

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

30,224 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter. Critical Unreviewed

CVE-2019-6805 was published May 14, 2022

Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE)... Critical Unreviewed

CVE-2018-15805 was published May 14, 2022

An issue was discovered in PopojiCMS v2.0.1. admin_component.php is exploitable via the po-admin... Critical Unreviewed

CVE-2018-18934 was published May 14, 2022

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed

CVE-2018-19069 was published May 14, 2022

Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as... Critical Unreviewed

CVE-2018-18925 was published May 14, 2022

Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite... Critical Unreviewed

CVE-2017-15402 was published May 14, 2022

MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors. Critical Unreviewed

CVE-2018-0645 was published May 14, 2022

Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon... Critical Unreviewed

CVE-2018-5915 was published May 14, 2022

While generating trusted application id, An integer overflow can occur giving the trusted... Critical Unreviewed

CVE-2016-10502 was published May 14, 2022

internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL... Critical Unreviewed

CVE-2018-18619 was published May 14, 2022

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android... Critical Unreviewed

CVE-2018-18006 was published May 14, 2022

The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5... Critical Unreviewed

CVE-2016-3955 was published May 17, 2022

nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload... Critical Unreviewed

CVE-2018-18874 was published May 14, 2022

Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are... Critical Unreviewed

CVE-2018-18864 was published May 14, 2022

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php P_id parameter. Critical Unreviewed

CVE-2018-20480 was published May 14, 2022

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the wap_index.php?type=newsinfo... Critical Unreviewed

CVE-2018-20479 was published May 14, 2022

Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to execute code remotely via a... Critical Unreviewed

CVE-2018-7631 was published May 14, 2022

MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter. Critical Unreviewed

CVE-2020-22819 was published Nov 3, 2022

cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2018-1149 was published May 14, 2022

S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type... Critical Unreviewed

CVE-2018-18887 was published May 14, 2022

An issue was discovered in S-CMS 3.0. It allows SQL Injection via the bank/callback1.php P_no field. Critical Unreviewed

CVE-2018-20477 was published May 14, 2022

A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as... Critical Unreviewed

CVE-2017-8248 was published May 14, 2022

Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username... Critical Unreviewed

CVE-2019-6497 was published May 14, 2022

An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon... Critical Unreviewed

CVE-2018-7809 was published May 14, 2022

Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption... Critical Unreviewed

CVE-2018-5186 was published May 14, 2022

Previous 1…399400 Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

30,224 advisories