GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54

Unreviewed advisories
All unreviewed: 5,000+
30,224 advisories
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote...
Critical | Unreviewed | CVE-2018-19692 was published May 14, 2022

International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl...
Critical | Unreviewed | CVE-2018-18928 was published May 14, 2022

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5,...
Critical | Unreviewed | CVE-2016-10191 was published May 14, 2022

LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks...
Critical | Unreviewed | CVE-2018-16168 was published May 14, 2022

SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL...
Critical | Unreviewed | CVE-2018-13350 was published May 14, 2022

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340,...
Critical | Unreviewed | CVE-2018-7241 was published May 14, 2022

An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main...
Critical | Unreviewed | CVE-2018-19557 was published May 14, 2022

Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers...
Critical | Unreviewed | CVE-2018-13315 was published May 14, 2022

CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the...
Critical | Unreviewed | CVE-2018-19559 was published May 14, 2022

Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection.
Critical | Unreviewed | CVE-2018-17243 was published May 14, 2022

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
Critical | Unreviewed | CVE-2018-18792 was published May 14, 2022

Library Management System 1.0 has SQL Injection via the "Search for Books" screen.
Critical | Unreviewed | CVE-2018-18796 was published May 14, 2022

HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because...
Critical | Unreviewed | CVE-2018-19531 was published May 14, 2022

CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by...
Critical | Unreviewed | CVE-2018-14957 was published May 14, 2022

Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.
Critical | Unreviewed | CVE-2018-18861 was published May 14, 2022

SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection.
Critical | Unreviewed | CVE-2018-18763 was published May 14, 2022

HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because...
Critical | Unreviewed | CVE-2018-19530 was published May 14, 2022

Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter.
Critical | Unreviewed | CVE-2018-18822 was published May 14, 2022

ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request...
Critical | Unreviewed | CVE-2016-10731 was published May 14, 2022

Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an...
Critical | Unreviewed | CVE-2018-15540 was published May 14, 2022

FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in...
Critical | Unreviewed | CVE-2018-1000825 was published May 14, 2022

XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser...
Critical | Unreviewed | CVE-2018-1000830 was published May 14, 2022

Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse...
Critical | Unreviewed | CVE-2018-18803 was published May 14, 2022

In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free....
Critical | Unreviewed | CVE-2018-9356 was published May 14, 2022

On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings...
Critical | Unreviewed | CVE-2018-17881 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.