Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,359 advisories

Loading
Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16... High Unreviewed
CVE-2021-45660 was published Dec 27, 2021
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with... High Unreviewed
CVE-2022-3033 was published Dec 22, 2022
Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who... High Unreviewed
CVE-2022-1159 was published Apr 3, 2022
In all versions of GitLab CE/EE, certain Unicode characters can be abused to commit malicious... High Unreviewed
CVE-2021-39908 was published Apr 3, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-42294 was published Dec 16, 2021
In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus... High Unreviewed
CVE-2021-44657 was published Dec 16, 2021
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x... High Unreviewed
CVE-2021-35413 was published Dec 4, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-42314 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-42315 was published Dec 16, 2021
Microsoft Office Graphics Remote Code Execution Vulnerability High Unreviewed
CVE-2021-43875 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-43889 was published Dec 16, 2021
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow... High Unreviewed
CVE-2010-3210 was published May 17, 2022
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An... High Unreviewed
CVE-2021-29214 was published Dec 11, 2021
Visual Studio Code Remote Code Execution Vulnerability High Unreviewed
CVE-2021-43891 was published Dec 16, 2021
Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS)... High Unreviewed
CVE-2010-3419 was published May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to... High Unreviewed
CVE-2010-3209 was published May 17, 2022
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434... High Unreviewed
CVE-2020-25197 was published Mar 19, 2022
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is... High Unreviewed
CVE-2022-0687 was published Mar 22, 2022
Code injection in accesslog High
CVE-2022-25760 was published for accesslog (npm) Mar 18, 2022
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and... High Unreviewed
CVE-2011-0386 was published May 17, 2022
Code Injection in CRI-O High
CVE-2022-0811 was published for github.com/cri-o/cri-o (Go) Mar 15, 2022
Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad... High Unreviewed
CVE-2022-0944 was published Mar 16, 2022
Server-side Template Injection in nystudio107/craft-seomatic High
CVE-2021-44618 was published for nystudio107/craft-seomatic (Composer) Mar 12, 2022
Static Code Injection in Microweber High
CVE-2022-0895 was published for microweber/microweber (Composer) Mar 11, 2022
The absence of filters when loading some sections in the web application of the vulnerable device... High Unreviewed
CVE-2022-22985 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database