GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,610 advisories
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Critical | Unreviewed | CVE-2021-31889 was published May 24, 2022

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Critical | Unreviewed | CVE-2021-31890 was published May 24, 2022

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
Critical | Unreviewed | CVE-2021-40358 was published May 24, 2022

In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed.
Critical | Unreviewed | CVE-2021-43183 was published May 24, 2022

A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001...
Critical | Unreviewed | CVE-2019-16240 was published May 24, 2022

JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.
Critical | Unreviewed | CVE-2021-43185 was published May 24, 2022

In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were...
Critical | Unreviewed | CVE-2021-43200 was published May 24, 2022

In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is...
Critical | Unreviewed | CVE-2021-43193 was published May 24, 2022

Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute...
Critical | Unreviewed | CVE-2021-34684 was published May 24, 2022

PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstrated by the /server/ajax...
Critical | Unreviewed | CVE-2021-42077 was published May 24, 2022

lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30.
Critical | Unreviewed | CVE-2021-42371 was published May 24, 2022

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
Critical | Unreviewed | CVE-2021-30132 was published May 24, 2022

Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0...
Critical | Unreviewed | CVE-2021-28023 was published May 24, 2022

Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0...
Critical | Unreviewed | CVE-2021-28024 was published May 24, 2022

The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail"...
Critical | Unreviewed | CVE-2021-24693 was published May 24, 2022

The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when...
Critical | Unreviewed | CVE-2021-24827 was published May 24, 2022

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2020-22225 was published May 24, 2022

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2020-22226 was published May 24, 2022

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2020-22223 was published May 24, 2022

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a...
Critical | Unreviewed | CVE-2021-43400 was published May 24, 2022

Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22...
Critical | Unreviewed | CVE-2021-25508 was published May 24, 2022

Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure...
Critical | Unreviewed | CVE-2021-42237 was published May 24, 2022

An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the...
Critical | Unreviewed | CVE-2021-42665 was published May 24, 2022

A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id...
Critical | Unreviewed | CVE-2021-42668 was published May 24, 2022

A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation...
Critical | Unreviewed | CVE-2021-42667 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.