GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,881

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

147 advisories

Filter by severity

Sort by

Least recently updated

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized... High Unreviewed

CVE-2021-20405 was published May 24, 2022

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can... High Unreviewed

CVE-2020-35475 was published May 24, 2022

web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter... Moderate Unreviewed

CVE-2020-28954 was published May 24, 2022

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly... High Unreviewed

CVE-2020-24849 was published May 24, 2022

A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private... High Unreviewed

CVE-2020-25646 was published May 24, 2022

BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for... Moderate Unreviewed

CVE-2020-27604 was published May 24, 2022

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x... High Unreviewed

CVE-2020-26116 was published May 24, 2022

The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to... Moderate Unreviewed

CVE-2020-24972 was published May 24, 2022

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)... High Unreviewed

CVE-2019-12674 was published May 24, 2022

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)... High Unreviewed

CVE-2019-12675 was published May 24, 2022

LibreOffice documents can contain macros. The execution of those macros is controlled by the... High Unreviewed

CVE-2019-9853 was published May 24, 2022

In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe... Moderate Unreviewed

CVE-2019-15944 was published May 24, 2022

A vulnerability exists where the caret ("^") character is improperly escaped constructing some... Moderate Unreviewed

CVE-2019-11717 was published May 24, 2022

An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows... Moderate Unreviewed

CVE-2019-3571 was published May 24, 2022

An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary... High Unreviewed

CVE-2018-16386 was published May 24, 2022

Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special... High Unreviewed

CVE-2016-3063 was published May 17, 2022

The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x,... Critical Unreviewed

CVE-2018-9246 was published May 14, 2022

A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches,... Moderate Unreviewed

CVE-2017-12340 was published May 13, 2022

The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior... High Unreviewed

CVE-2017-12064 was published May 13, 2022

An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows... Critical Unreviewed

CVE-2017-8303 was published May 13, 2022

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1... High Unreviewed

CVE-2014-9938 was published May 13, 2022

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display... Moderate Unreviewed

CVE-2019-6109 was published May 13, 2022

A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps... Moderate Unreviewed

CVE-2019-0857 was published May 13, 2022

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8... High Unreviewed

CVE-2018-8609 was published May 13, 2022

Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server ... Moderate Unreviewed

CVE-2018-2389 was published May 13, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

147 advisories