Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

884 advisories

Loading
Improper Input Validation in Deap Critical
CVE-2018-3749 was published for deap (npm) May 14, 2022
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on... Critical Unreviewed
CVE-2018-4018 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1142 was published May 24, 2022
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of... Critical Unreviewed
CVE-2021-22345 was published May 24, 2022
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first... Critical Unreviewed
CVE-2022-25163 was published Jun 3, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2021-1301 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote... Critical Unreviewed
CVE-2021-1468 was published May 24, 2022
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30712 was published Jun 8, 2022
Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper... Critical Unreviewed
CVE-2021-37417 was published May 24, 2022
Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows... Critical Unreviewed
CVE-2015-1555 was published May 17, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130,... Critical Unreviewed
CVE-2021-1459 was published May 24, 2022
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30711 was published Jun 8, 2022
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30710 was published Jun 8, 2022
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers... Critical Unreviewed
CVE-2022-30713 was published Jun 8, 2022
A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary... Critical Unreviewed
CVE-2020-24672 was published May 24, 2022
Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of... Critical Unreviewed
CVE-2017-11673 was published May 17, 2022
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution... Critical Unreviewed
CVE-2017-11495 was published May 17, 2022
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote... Critical Unreviewed
CVE-2017-11393 was published May 17, 2022
An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021... Critical Unreviewed
CVE-2021-25449 was published May 24, 2022
The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the... Critical Unreviewed
CVE-2015-3278 was published May 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the... Critical Unreviewed
CVE-2022-33754 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the... Critical Unreviewed
CVE-2022-33752 was published Jun 17, 2022
Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible... Critical Unreviewed
CVE-2017-1000039 was published May 17, 2022
A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint... Critical Unreviewed
CVE-2017-3792 was published May 17, 2022
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco... Critical Unreviewed
CVE-2016-6445 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database