GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 40
Go: 2,974
Maven: 5,000+
npm: 4,621
NuGet: 788
pip: 4,317
Pub: 12
RubyGems: 984
Rust: 1,131
Swift: 49

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
748 advisories
An arbitrary code execution vulnerability exists in Micro Focus Application Performance...
Critical, Unreviewed. CVE-2021-22514 was published May 24, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab...
Critical, Unreviewed. CVE-2021-22205 was published May 24, 2022

SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain...
Critical, Unreviewed. CVE-2021-27602 was published May 24, 2022

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval...
Critical, Unreviewed. CVE-2021-23277 was published May 24, 2022

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code...
Critical, Unreviewed. CVE-2021-23281 was published May 24, 2022

D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request...
Critical, Unreviewed. CVE-2021-26810 was published May 24, 2022

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26893,...
Critical, Unreviewed. CVE-2021-26877 was published May 24, 2022

An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by...
Critical, Unreviewed. CVE-2019-25022 was published May 24, 2022

An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows...
Critical, Unreviewed. CVE-2021-27236 was published May 24, 2022

NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the...
Critical, Unreviewed. CVE-2021-26753 was published May 24, 2022

SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required...
Critical, Unreviewed. CVE-2021-21477 was published May 24, 2022

Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,...
Critical, Unreviewed. CVE-2021-22502 was published May 24, 2022

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with...
Critical, Unreviewed. CVE-2021-20623 was published May 24, 2022

In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible,...
Critical, Unreviewed. CVE-2021-25770 was published May 24, 2022

An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code...
Critical, Unreviewed. CVE-2020-35458 was published May 24, 2022

Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow...
Critical, Unreviewed. CVE-2020-8584 was published May 24, 2022

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command...
Critical, Unreviewed. CVE-2020-35131 was published May 24, 2022

JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution.
Critical, Unreviewed. CVE-2020-11103 was published May 24, 2022

, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE...
Critical, Unreviewed. CVE-2020-17142 was published May 24, 2022

, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE...
Critical, Unreviewed. CVE-2020-17132 was published May 24, 2022

Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.
Critical, Unreviewed. CVE-2020-28366 was published May 24, 2022

Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.
Critical, Unreviewed. CVE-2020-28367 was published May 24, 2022

Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all...
Critical, Unreviewed. CVE-2020-11851 was published May 24, 2022

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5,...
Critical, Unreviewed. CVE-2020-25223 was published May 24, 2022

The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell...
Critical, Unreviewed. CVE-2020-16147 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API