GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,274
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,419
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
831 advisories
A vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2023-2928 was published May 27, 2023

An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all...
Moderate | Unreviewed | CVE-2023-1178 was published May 4, 2023

An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via...
Moderate | Unreviewed | CVE-2023-26782 was published Apr 28, 2023

A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects...
Moderate | Unreviewed | CVE-2023-2056 was published Apr 14, 2023

In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non...
Moderate | Unreviewed | CVE-2023-27897 was published Apr 11, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2,...
Moderate | Unreviewed | CVE-2022-3960 was published Apr 3, 2023

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA...
Moderate | Unreviewed | CVE-2022-20686 was published Dec 12, 2022

The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an...
Moderate | Unreviewed | CVE-2022-41223 was published Nov 22, 2022

SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful...
Moderate | Unreviewed | CVE-2022-41205 was published Nov 9, 2022

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through...
Moderate | Unreviewed | CVE-2022-43572 was published Nov 5, 2022

Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
Moderate | Unreviewed | CVE-2022-2014 was published Jun 10, 2022

The Loco Translate WordPress plugin before 2.5.4 mishandles data inputs which get saved to a file...
Moderate | Unreviewed | CVE-2021-24721 was published May 24, 2022

An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0...
Moderate | Unreviewed | CVE-2021-42754 was published May 24, 2022

MaianAffiliate v.1.0 suffers from code injection by adding a new product via the admin panel....
Moderate | Unreviewed | CVE-2021-39402 was published May 24, 2022

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code...
Moderate | Unreviewed | CVE-2021-3615 was published May 24, 2022

A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache...
Moderate | Unreviewed | CVE-2019-14827 was published May 24, 2022

SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to...
Moderate | Unreviewed | CVE-2021-27611 was published May 24, 2022

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up...
Moderate | Unreviewed | CVE-2021-22204 was published May 24, 2022

A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was...
Moderate | Unreviewed | CVE-2021-3411 was published May 24, 2022

Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code...
Moderate | Unreviewed | CVE-2020-8274 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly...
Moderate | Unreviewed | CVE-2020-1338 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly...
Moderate | Unreviewed | CVE-2020-1218 was published May 24, 2022

A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7...
Moderate | Unreviewed | CVE-2020-6318 was published May 24, 2022

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of...
Moderate | Unreviewed | CVE-2020-24354 was published May 24, 2022

Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated...
Moderate | Unreviewed | CVE-2020-24614 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.