GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
774 advisories
PaddlePaddle vulnerable to code injection via winstr
Critical | CVE-2022-45908 was published for paddlepaddle (pip) Nov 26, 2022

morgan-json vulnerable to Arbitrary Code Execution
Critical | CVE-2022-25921 was published for morgan-json (npm) Aug 29, 2022

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with...
Critical | Unreviewed | CVE-2021-20623 was published May 24, 2022

@pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution
Critical | CVE-2022-25644 was published for @pendo324/get-process-by-name (npm) Aug 29, 2022

The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through...
Critical | Unreviewed | CVE-2020-10666 was published May 24, 2022

phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php.
Critical | Unreviewed | CVE-2020-21784 was published May 24, 2022

D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request...
Critical | Unreviewed | CVE-2021-26810 was published May 24, 2022

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4...
Critical | Unreviewed | CVE-2020-25414 was published May 24, 2022

Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40...
Critical | Unreviewed | CVE-2021-22519 was published May 24, 2022

An arbitrary code execution vulnerability exists in Micro Focus Application Performance...
Critical | Unreviewed | CVE-2021-22514 was published May 24, 2022

A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute...
Critical | Unreviewed | CVE-2020-22937 was published May 24, 2022

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller...
Critical | Unreviewed | CVE-2020-21652 was published May 24, 2022

NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.
Critical | Unreviewed | CVE-2021-45983 was published Jun 3, 2022

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller...
Critical | Unreviewed | CVE-2020-21651 was published May 24, 2022

job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related...
Critical | Unreviewed | CVE-2017-11715 was published May 17, 2022

The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a...
Critical | Unreviewed | CVE-2022-30877 was published Jun 9, 2022

Code Injection in SEOmatic
Critical | CVE-2021-41749 was published for nystudio107/craft-seomatic (Composer) Jun 13, 2022

FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add...
Critical | Unreviewed | CVE-2017-11167 was published May 17, 2022

A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability...
Critical | Unreviewed | CVE-2017-20095 was published Jun 25, 2022

Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code...
Critical | Unreviewed | CVE-2022-32054 was published Jul 8, 2022

In FineCMS through 2017-07-07, application\core\controller\template.php allows remote PHP code...
Critical | Unreviewed | CVE-2017-10968 was published May 17, 2022

dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache...
Critical | Unreviewed | CVE-2017-11585 was published May 17, 2022

Internally used text extraction reports allow an attacker to inject code that can be executed by...
Critical | Unreviewed | CVE-2021-44231 was published Dec 15, 2021

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not...
Critical | Unreviewed | CVE-2016-5734 was published May 17, 2022