GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
165 advisories
Filter by severity
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file...
Critical
Unreviewed
CVE-2021-45420
was published
Feb 15, 2022
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint...
Critical
Unreviewed
CVE-2021-3773
was published
Feb 17, 2022
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended...
Critical
Unreviewed
CVE-2010-2783
was published
Apr 21, 2022
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various...
Critical
Unreviewed
CVE-2021-43938
was published
Apr 30, 2022
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account...
Critical
Unreviewed
CVE-2018-11741
was published
May 13, 2022
Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows...
Critical
Unreviewed
CVE-2018-11653
was published
May 13, 2022
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access...
Critical
Unreviewed
CVE-2017-5158
was published
May 13, 2022
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct...
Critical
Unreviewed
CVE-2018-12634
was published
May 13, 2022
The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability...
Critical
Unreviewed
CVE-2017-11435
was published
May 13, 2022
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical
Unreviewed
CVE-2017-9788
was published
May 13, 2022
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI)....
Critical
Unreviewed
CVE-2019-0040
was published
May 13, 2022
In Vignette Content Management version 6, it is possible to gain remote access to administrator...
Critical
Unreviewed
CVE-2018-18941
was published
May 13, 2022
PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it...
Critical
Unreviewed
CVE-2018-20371
was published
May 13, 2022
An issue existed with autofill resuming after it was canceled. The issue was addressed with...
Critical
Unreviewed
CVE-2019-6206
was published
May 13, 2022
In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read...
Critical
Unreviewed
CVE-2018-9852
was published
May 13, 2022
Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation...
Critical
Unreviewed
CVE-2018-8919
was published
May 13, 2022
Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability...
Critical
Unreviewed
CVE-2018-14822
was published
May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical
Unreviewed
CVE-2018-10627
was published
May 13, 2022
Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security...
Critical
Unreviewed
CVE-2017-3972
was published
May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have...
Critical
Unreviewed
CVE-2017-3185
was published
May 13, 2022
The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain...
Critical
Unreviewed
CVE-2016-6548
was published
May 13, 2022
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0...
Critical
Unreviewed
CVE-2016-5649
was published
May 13, 2022
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0...
Critical
Unreviewed
CVE-2017-2320
was published
May 13, 2022
VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability....
Critical
Unreviewed
CVE-2017-4923
was published
May 13, 2022
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1...
Critical
Unreviewed
CVE-2017-5738
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API