GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,167 advisories
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36040 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36035 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36041 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36042 was published May 24, 2022

webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any...
Critical | Unreviewed | CVE-2021-40350 was published May 24, 2022

A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows...
Critical | Unreviewed | CVE-2020-22848 was published May 24, 2022

An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the...
Critical | Unreviewed | CVE-2021-38145 was published May 24, 2022

KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because...
Critical | Unreviewed | CVE-2021-36356 was published May 24, 2022

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with...
Critical | Unreviewed | CVE-2021-34565 was published May 24, 2022

This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to...
Critical | Unreviewed | CVE-2021-35222 was published May 24, 2022

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor...
Critical | Unreviewed | CVE-2021-22943 was published May 24, 2022

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL...
Critical | Unreviewed | CVE-2021-37749 was published May 24, 2022

Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart...
Critical | Unreviewed | CVE-2020-15744 was published May 24, 2022

A conference management system of ZTE is impacted by a command execution vulnerability. Since the...
Critical | Unreviewed | CVE-2021-21741 was published May 24, 2022

Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may...
Critical | Unreviewed | CVE-2021-32955 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/Handler_CFG.ashx endpoint of Delta...
Critical | Unreviewed | CVE-2021-32983 was published May 24, 2022

A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a...
Critical | Unreviewed | CVE-2021-27663 was published May 24, 2022

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new...
Critical | Unreviewed | CVE-2021-32967 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in...
Critical | Unreviewed | CVE-2021-33055 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerEnergyType.ashx endpoint of...
Critical | Unreviewed | CVE-2021-38390 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of...
Critical | Unreviewed | CVE-2021-38393 was published May 24, 2022

A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of...
Critical | Unreviewed | CVE-2021-38391 was published May 24, 2022

An issue was discovered in EdgeGallery/developer before v1.0. There is a "Deserialization of yaml...
Critical | Unreviewed | CVE-2021-34066 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access...
Critical | Unreviewed | CVE-2021-37421 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper...
Critical | Unreviewed | CVE-2021-37417 was published May 24, 2022