GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,572
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,703
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 234,065

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

266 advisories

Filter by severity

Sort by

Least recently updated

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused... High Unreviewed

CVE-2020-14111 was published Mar 11, 2022

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused... Critical Unreviewed

CVE-2020-14115 was published Mar 11, 2022

Syltek application before its 10.22.00 version, does not correctly check that a product ID has a... High Unreviewed

CVE-2021-4031 was published Mar 19, 2022

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive... High Unreviewed

CVE-2022-20795 was published Apr 22, 2022

Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to... Moderate Unreviewed

CVE-2020-14122 was published Apr 22, 2022

An intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by... High Unreviewed

CVE-2020-14116 was published Apr 22, 2022

Remote code execution vulnerability due to insufficient verification of URLs, etc. in... High Unreviewed

CVE-2022-41156 was published Nov 25, 2022

Insufficient Verification of input Data leading to arbitrary file download and execute was... High Unreviewed

CVE-2021-26625 was published Apr 20, 2022

Authorized users may install a maliciously modified package file when updating the device via the... High Unreviewed

CVE-2022-26516 was published Apr 21, 2022

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote... High Unreviewed

CVE-2021-21231 was published May 24, 2022

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed

CVE-2021-1403 was published May 24, 2022

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to... Critical Unreviewed

CVE-2021-33885 was published May 24, 2022

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker... High Unreviewed

CVE-2021-31228 was published May 24, 2022

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity... Moderate Unreviewed

CVE-2022-28385 was published Jun 9, 2022

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server... Critical Unreviewed

CVE-2022-31813 was published Jun 10, 2022

An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft... Critical Unreviewed

CVE-2021-26608 was published May 24, 2022

A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary... Critical Unreviewed

CVE-2020-24672 was published May 24, 2022

Configuration and database backup archives are not signed or validated in Trend Micro Deep... High Unreviewed

CVE-2017-11379 was published May 17, 2022

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS... Critical Unreviewed

CVE-2022-31801 was published Jun 22, 2022

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS... Critical Unreviewed

CVE-2022-31800 was published Jun 22, 2022

It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML... High Unreviewed

CVE-2015-5236 was published Jul 8, 2022

Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated... Moderate Unreviewed

CVE-2022-31598 was published Jul 13, 2022

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause... High Unreviewed

CVE-2022-34763 was published Jul 14, 2022

The recovery module has a vulnerability of bypassing the verification of an update package before... High Unreviewed

CVE-2022-37008 was published Aug 11, 2022

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the... Critical Unreviewed

CVE-2022-29958 was published Jul 27, 2022

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

266 advisories