GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
165 advisories
Filter by severity
An information disclosure vulnerability in the Android media framework (libavc). Product: Android...
Critical
Unreviewed
CVE-2017-13203
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:...
Critical
Unreviewed
CVE-2017-13185
was published
May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
Critical
Unreviewed
CVE-2017-11079
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:...
Critical
Unreviewed
CVE-2017-13187
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:...
Critical
Unreviewed
CVE-2017-13205
was published
May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a...
Critical
Unreviewed
CVE-2018-5726
was published
May 14, 2022
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application...
Critical
Unreviewed
CVE-2018-7556
was published
May 14, 2022
Applications in cf-release before 245 can be configured and pushed with a user-provided custom...
Critical
Unreviewed
CVE-2016-6658
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical
Unreviewed
CVE-2016-10430
was published
May 14, 2022
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have...
Critical
Unreviewed
CVE-2018-10106
was published
May 14, 2022
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web...
Critical
Unreviewed
CVE-2018-9126
was published
May 14, 2022
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login...
Critical
Unreviewed
CVE-2018-10734
was published
May 14, 2022
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the...
Critical
Unreviewed
CVE-2018-10770
was published
May 14, 2022
The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through...
Critical
Unreviewed
CVE-2018-11554
was published
May 14, 2022
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 ...
Critical
Unreviewed
CVE-2018-11036
was published
May 14, 2022
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to...
Critical
Unreviewed
CVE-2018-12336
was published
May 14, 2022
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the...
Critical
Unreviewed
CVE-2018-12557
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-12908
was published
May 14, 2022
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via...
Critical
Unreviewed
CVE-2018-13123
was published
May 14, 2022
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server...
Critical
Unreviewed
CVE-2016-10727
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-14328
was published
May 14, 2022
The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote...
Critical
Unreviewed
CVE-2018-14685
was published
May 14, 2022
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain...
Critical
Unreviewed
CVE-2014-6437
was published
May 14, 2022
Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the...
Critical
Unreviewed
CVE-2016-3152
was published
May 14, 2022
ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials...
Critical
Unreviewed
CVE-2016-3312
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API