GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,132 advisories
iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL.
Critical | Unreviewed | CVE-2022-29775 was published Jun 22, 2022
An arbitrary file upload vulnerability in /images/background/1.php of SolarView Compact 6.0...
Critical | Unreviewed | CVE-2022-31374 was published Jun 22, 2022
iSpyConnect iSpy v7.2.2.0 is vulnerable to path traversal.
Critical | Unreviewed | CVE-2022-29774 was published Jun 22, 2022
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further...
Critical | Unreviewed | CVE-2022-2068 was published Jun 22, 2022
The Quectel RG502Q-EA modem before 2022-02-23 allows OS Command Injection.
Critical | Unreviewed | CVE-2022-26147 was published Jun 22, 2022
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
Critical | Unreviewed | CVE-2022-2023 was published Jun 21, 2022
The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a...
Critical | Unreviewed | CVE-2022-1905 was published Jun 21, 2022
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31795 was published Jun 21, 2022
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31794 was published Jun 21, 2022
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
Critical | Unreviewed | CVE-2022-2128 was published Jun 21, 2022
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout...
Critical | Unreviewed | CVE-2022-22318 was published Jun 21, 2022
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout...
Critical | Unreviewed | CVE-2022-22317 was published Jun 21, 2022
An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. There is Remote Code...
Critical | Unreviewed | CVE-2022-34005 was published Jun 20, 2022
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via ...
Critical | Unreviewed | CVE-2022-31357 was published Jun 18, 2022
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via ...
Critical | Unreviewed | CVE-2022-31355 was published Jun 18, 2022
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via ...
Critical | Unreviewed | CVE-2022-31356 was published Jun 18, 2022
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via...
Critical | Unreviewed | CVE-2022-31296 was published Jun 18, 2022
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice...
Critical | Unreviewed | CVE-2022-31784 was published Jun 18, 2022
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside...
Critical | Unreviewed | CVE-2021-40903 was published Jun 18, 2022
VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file...
Critical | Unreviewed | CVE-2021-41408 was published Jun 18, 2022
ASG technologies (A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4...
Critical | Unreviewed | CVE-2021-45024 was published Jun 18, 2022
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0...
Critical | Unreviewed | CVE-2022-22485 was published Jun 18, 2022
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality...
Critical | Unreviewed | CVE-2022-29496 was published Jun 18, 2022
Proietti Tech srl Planet Time Enterprise 4.2.0.1, 4.2.0.0, 4.1.0.0, 4.0.0.0, 3.3.1.0, 3.3.0.0 is...
Critical | Unreviewed | CVE-2022-30422 was published Jun 18, 2022
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker...
Critical | Unreviewed | CVE-2022-21806 was published Jun 18, 2022
ProTip! Advisories are also available from the GraphQL API.