GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,131
Erlang: 29
GitHub Actions: 19
Go: 1,937
Maven: 5,000+
npm: 3,676
NuGet: 642
pip: 3,292
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,141 advisories
An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive...
Critical
Unreviewed
CVE-2021-26705 was published May 24, 2022
Zoho ManageEngine Application Control Plus before 100523 has an insecure SSL configuration...
Critical
Unreviewed
CVE-2020-29658 was published May 24, 2022
Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret...
Critical
Unreviewed
CVE-2020-28050 was published May 24, 2022
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when...
Critical
Unreviewed
CVE-2021-26293 was published May 24, 2022
A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan...
Critical
Unreviewed
CVE-2021-25346 was published May 24, 2022
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the...
Critical
Unreviewed
CVE-2021-24032 was published May 24, 2022
In the Zstandard command-line utility prior to v1.4.1, output files were created with default...
Critical
Unreviewed
CVE-2021-24031 was published May 24, 2022
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the...
Critical
Unreviewed
CVE-2021-23127 was published May 24, 2022
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval...
Critical
Unreviewed
CVE-2021-23128 was published May 24, 2022
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Critical
Unreviewed
CVE-2020-28636 was published May 24, 2022
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Critical
Unreviewed
CVE-2020-35628 was published May 24, 2022
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Critical
Unreviewed
CVE-2020-28601 was published May 24, 2022
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Critical
Unreviewed
CVE-2020-35636 was published May 24, 2022
LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API...
Critical
Unreviewed
CVE-2021-27931 was published May 24, 2022
An issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7,...
Critical
Unreviewed
CVE-2021-27215 was published May 24, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021...
Critical
Unreviewed
CVE-2021-26855 was published May 24, 2022
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions...
Critical
Unreviewed
CVE-2021-22681 was published May 24, 2022
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution...
Critical
Unreviewed
CVE-2021-21978 was published May 24, 2022
The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute...
Critical
Unreviewed
CVE-2020-29047 was published May 24, 2022
Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request...
Critical
Unreviewed
CVE-2021-27730 was published May 24, 2022
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal...
Critical
Unreviewed
CVE-2021-27886 was published May 24, 2022
JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption.
Critical
Unreviewed
CVE-2021-27804 was published May 24, 2022
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with...
Critical
Unreviewed
CVE-2021-21513 was published May 24, 2022
The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does...
Critical
Unreviewed
CVE-2021-25309 was published May 24, 2022
WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password.
Critical
Unreviewed
CVE-2021-3332 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API