GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,459
Composer 4,164
Erlang 30
GitHub Actions 19
Go 1,973
Maven 5,149
npm 3,695
NuGet 654
pip 3,311
Pub 11
RubyGems 881
Rust 831
Swift 35

Unreviewed advisories

All unreviewed 232,379

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

143 advisories

Filter by severity

Sort by

Least recently updated

CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly... High Unreviewed

CVE-2022-22151 was published Mar 12, 2022

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection... Moderate Unreviewed

CVE-2022-22344 was published Mar 15, 2022

An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470.... High Unreviewed

CVE-2021-42324 was published Apr 6, 2022

Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior... High Unreviewed

CVE-2022-0935 was published Apr 8, 2022

Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc... Critical Unreviewed

CVE-2021-28940 was published May 24, 2022

In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the... High Unreviewed

CVE-2022-23079 was published Jun 23, 2022

Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled... Critical Unreviewed

CVE-2022-28375 was published Jul 15, 2022

Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled... High Unreviewed

CVE-2022-28374 was published Jul 15, 2022

phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component ... Critical Unreviewed

CVE-2022-41443 was published Oct 4, 2022

The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to... Moderate Unreviewed

CVE-2020-24972 was published May 24, 2022

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP... Moderate Unreviewed

CVE-2022-34316 was published Nov 15, 2022

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as... High Unreviewed

CVE-2022-25235 was published Feb 17, 2022

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display... Moderate Unreviewed

CVE-2019-6109 was published May 13, 2022

BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for... Moderate Unreviewed

CVE-2020-27604 was published May 24, 2022

IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through... Moderate Unreviewed

CVE-2021-38997 was published Dec 12, 2022

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can... High Unreviewed

CVE-2020-35475 was published May 24, 2022

A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private... High Unreviewed

CVE-2020-25646 was published May 24, 2022

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly... High Unreviewed

CVE-2020-24849 was published May 24, 2022

web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter... Moderate Unreviewed

CVE-2020-28954 was published May 24, 2022

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized... High Unreviewed

CVE-2021-20405 was published May 24, 2022

Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows... Moderate Unreviewed

CVE-2020-29023 was published May 24, 2022

The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header... High Unreviewed

CVE-2022-40870 was published Nov 23, 2022

Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator... High Unreviewed

CVE-2021-23205 was published May 24, 2022

IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote... High Unreviewed

CVE-2020-4850 was published May 24, 2022

software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command. Critical Unreviewed

CVE-2022-36446 was published Jul 26, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

143 advisories