GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
145 advisories
Filter by severity
CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly...
High
Unreviewed
CVE-2022-22151
was published
Mar 12, 2022
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection...
Moderate
Unreviewed
CVE-2022-22344
was published
Mar 15, 2022
An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470....
High
Unreviewed
CVE-2021-42324
was published
Apr 6, 2022
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior...
High
Unreviewed
CVE-2022-0935
was published
Apr 8, 2022
Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc...
Critical
Unreviewed
CVE-2021-28940
was published
May 24, 2022
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the...
High
Unreviewed
CVE-2022-23079
was published
Jun 23, 2022
Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled...
Critical
Unreviewed
CVE-2022-28375
was published
Jul 15, 2022
Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled...
High
Unreviewed
CVE-2022-28374
was published
Jul 15, 2022
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component ...
Critical
Unreviewed
CVE-2022-41443
was published
Oct 4, 2022
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to...
Moderate
Unreviewed
CVE-2020-24972
was published
May 24, 2022
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP...
Moderate
Unreviewed
CVE-2022-34316
was published
Nov 15, 2022
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as...
High
Unreviewed
CVE-2022-25235
was published
Feb 17, 2022
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display...
Moderate
Unreviewed
CVE-2019-6109
was published
May 13, 2022
BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for...
Moderate
Unreviewed
CVE-2020-27604
was published
May 24, 2022
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through...
Moderate
Unreviewed
CVE-2021-38997
was published
Dec 12, 2022
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can...
High
Unreviewed
CVE-2020-35475
was published
May 24, 2022
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private...
High
Unreviewed
CVE-2020-25646
was published
May 24, 2022
A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly...
High
Unreviewed
CVE-2020-24849
was published
May 24, 2022
web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter...
Moderate
Unreviewed
CVE-2020-28954
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized...
High
Unreviewed
CVE-2021-20405
was published
May 24, 2022
Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows...
Moderate
Unreviewed
CVE-2020-29023
was published
May 24, 2022
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header...
High
Unreviewed
CVE-2022-40870
was published
Nov 23, 2022
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator...
High
Unreviewed
CVE-2021-23205
was published
May 24, 2022
IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote...
High
Unreviewed
CVE-2020-4850
was published
May 24, 2022
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
Critical
Unreviewed
CVE-2022-36446
was published
Jul 26, 2022
ProTip!
Advisories are also available from the
GraphQL API