Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an... Moderate Unreviewed
CVE-2018-0297 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0254 was published May 13, 2022
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an... High Unreviewed
CVE-2018-0383 was published May 13, 2022
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for... Moderate Unreviewed
CVE-2018-0250 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0138 was published May 13, 2022
Agent-to-controller security bypass in Jenkins BMC Compuware ISPW Operations plugin Moderate
CVE-2022-36899 was published for com.compuware.jenkins:compuware-ispw-operations (Maven) Jul 28, 2022
NotMyFault
Jenkins WildFly Deployer Plugin vulnerable to path traversal Moderate
CVE-2022-41235 was published for org.jenkins-ci.plugins:wildfly-deployer (Maven) Sep 22, 2022
NotMyFault
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream... Moderate Unreviewed
CVE-2018-6794 was published May 14, 2022
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5... Moderate Unreviewed
CVE-2016-0772 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9312 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9320 was published May 14, 2022
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW... Critical Unreviewed
CVE-2018-9311 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... Moderate Unreviewed
CVE-2018-9313 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9322 was published May 14, 2022
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW... Critical Unreviewed
CVE-2018-9318 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9314 was published May 14, 2022
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD... Critical Unreviewed
CVE-2017-8864 was published May 17, 2022
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service... Moderate Unreviewed
CVE-2022-22152 was published Jan 20, 2022
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin Low
CVE-2022-25186 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) Feb 16, 2022
NotMyFault
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass... Moderate Unreviewed
CVE-2023-0085 was published Mar 2, 2023
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can... High Unreviewed
CVE-2022-39957 was published Sep 21, 2022
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could... Moderate Unreviewed
CVE-2020-3315 was published May 24, 2022
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could... High Unreviewed
CVE-2021-1223 was published May 24, 2022
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in... Moderate Unreviewed
CVE-2021-1224 was published May 24, 2022
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could... Moderate Unreviewed
CVE-2020-3299 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database