GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
165 advisories
A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015...
Critical | Unreviewed | CVE-2020-27183 was published May 24, 2022

HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect...
Critical | Unreviewed | CVE-2019-18823 was published May 24, 2022

Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a...
Critical | Unreviewed | CVE-2019-15859 was published May 24, 2022

A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer...
Critical | Unreviewed | CVE-2019-6177 was published May 24, 2022

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon...
Critical | Unreviewed | CVE-2019-2254 was published May 24, 2022

HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4....
Critical | Unreviewed | CVE-2019-11991 was published May 24, 2022

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module...
Critical | Unreviewed | CVE-2019-5016 was published May 24, 2022

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext...
Critical | Unreviewed | CVE-2018-20839 was published May 24, 2022

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password...
Critical | Unreviewed | CVE-2019-11403 was published May 24, 2022

Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded...
Critical | Unreviewed | CVE-2016-4521 was published May 17, 2022

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain...
Critical | Unreviewed | CVE-2016-2298 was published May 17, 2022

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical | Unreviewed | CVE-2016-1112 was published May 17, 2022

eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests...
Critical | Unreviewed | CVE-2015-7926 was published May 17, 2022

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to...
Critical | Unreviewed | CVE-2016-10105 was published May 17, 2022

An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x...
Critical | Unreviewed | CVE-2016-9885 was published May 17, 2022

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An...
Critical | Unreviewed | CVE-2017-5166 was published May 17, 2022

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to...
Critical | Unreviewed | CVE-2017-6070 was published May 17, 2022

A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white...
Critical | Unreviewed | CVE-2017-5674 was published May 17, 2022

iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2...
Critical | Unreviewed | CVE-2016-5757 was published May 17, 2022

The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and...
Critical | Unreviewed | CVE-2015-5729 was published May 17, 2022

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the...
Critical | Unreviewed | CVE-2017-7575 was published May 17, 2022

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and...
Critical | Unreviewed | CVE-2016-1557 was published May 17, 2022

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames,...
Critical | Unreviewed | CVE-2015-7247 was published May 17, 2022

The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation,...
Critical | Unreviewed | CVE-2016-5006 was published May 17, 2022

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root...
Critical | Unreviewed | CVE-2017-7317 was published May 17, 2022