Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,572 advisories

Loading
Potential security vulnerabilities have been identified in HPE iLO Amplifier Pack using bootstrap... Critical Unreviewed
CVE-2021-26583 was published May 24, 2022
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera... Critical Unreviewed
CVE-2021-25847 was published May 24, 2022
On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6... Critical Unreviewed
CVE-2021-23008 was published May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive... Critical Unreviewed
CVE-2021-20538 was published May 24, 2022
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack... Critical Unreviewed
CVE-2021-31755 was published May 24, 2022
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack... Critical Unreviewed
CVE-2021-31758 was published May 24, 2022
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack... Critical Unreviewed
CVE-2021-31756 was published May 24, 2022
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack... Critical Unreviewed
CVE-2021-31757 was published May 24, 2022
Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization. Critical Unreviewed
CVE-2021-32098 was published May 24, 2022
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows... Critical Unreviewed
CVE-2021-32099 was published May 24, 2022
Memory corruption while processing crafted SDES packets due to improper length check in sdes... Critical Unreviewed
CVE-2020-11279 was published May 24, 2022
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is... Critical Unreviewed
CVE-2020-11285 was published May 24, 2022
Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon... Critical Unreviewed
CVE-2021-1910 was published May 24, 2022
VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution... Critical Unreviewed
CVE-2021-21984 was published May 24, 2022
Multiple integer overflow issues exist while processing long domain names, which may allow an... Critical Unreviewed
CVE-2021-22671 was published May 24, 2022
The affected product is vulnerable to an integer overflow while processing HTTP headers, which... Critical Unreviewed
CVE-2021-22679 was published May 24, 2022
The affected product allows attackers to obtain sensitive information from the WISE-PaaS... Critical Unreviewed
CVE-2021-27437 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can... Critical Unreviewed
CVE-2021-27573 was published May 24, 2022
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which... Critical Unreviewed
CVE-2020-19111 was published May 24, 2022
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit... Critical Unreviewed
CVE-2020-19109 was published May 24, 2022
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to... Critical Unreviewed
CVE-2020-19113 was published May 24, 2022
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete... Critical Unreviewed
CVE-2020-19112 was published May 24, 2022
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php... Critical Unreviewed
CVE-2020-19110 was published May 24, 2022
SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php,... Critical Unreviewed
CVE-2020-19108 was published May 24, 2022
SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php,... Critical Unreviewed
CVE-2020-19107 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database