Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

437 advisories

Loading
The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be... Critical Unreviewed
CVE-2022-4060 was published Jan 16, 2023
A remote code execution (RCE) vulnerability in Beekeeper Studio v3.2.0 allows attackers to... Critical Unreviewed
CVE-2022-26174 was published Mar 23, 2022
taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. Critical Unreviewed
CVE-2022-25578 was published Mar 20, 2022
A remote code execution (RCE) vulnerability in Ionize v1.0.8.1 allows attackers to execute... Critical Unreviewed
CVE-2022-26272 was published Mar 26, 2022
Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE)... Critical Unreviewed
CVE-2022-26205 was published Mar 28, 2022
Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a... Critical Unreviewed
CVE-2022-26198 was published Mar 28, 2022
Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload... Critical Unreviewed
CVE-2022-26255 was published Mar 29, 2022
Web Media Extensions Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43214 was published Dec 16, 2021
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43899 was published Dec 16, 2021
Bot Framework SDK Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43225 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42310 was published Dec 16, 2021
fexsrv in F*EX (aka Frams' Fast File EXchange) before fex-20160919_2 allows eval injection (for... Critical Unreviewed
CVE-2020-15591 was published Mar 18, 2022
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability... Critical Unreviewed
CVE-2022-22954 was published Apr 12, 2022
There is a logic bypass vulnerability in smartphones. Successful exploitation of this... Critical Unreviewed
CVE-2021-22430 was published Feb 26, 2022
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with... Critical Unreviewed
CVE-2021-20623 was published May 24, 2022
The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through... Critical Unreviewed
CVE-2020-10666 was published May 24, 2022
phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. Critical Unreviewed
CVE-2020-21784 was published May 24, 2022
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request... Critical Unreviewed
CVE-2021-26810 was published May 24, 2022
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4... Critical Unreviewed
CVE-2020-25414 was published May 24, 2022
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40... Critical Unreviewed
CVE-2021-22519 was published May 24, 2022
An arbitrary code execution vulnerability exists in Micro Focus Application Performance... Critical Unreviewed
CVE-2021-22514 was published May 24, 2022
A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute... Critical Unreviewed
CVE-2020-22937 was published May 24, 2022
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller... Critical Unreviewed
CVE-2020-21652 was published May 24, 2022
NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. Critical Unreviewed
CVE-2021-45983 was published Jun 3, 2022
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller... Critical Unreviewed
CVE-2020-21651 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API