Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,873 advisories

Loading
User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version... High Unreviewed
CVE-2018-18390 was published May 14, 2022
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover... High Unreviewed
CVE-2018-18376 was published May 14, 2022
The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows attackers to read... High Unreviewed
CVE-2018-18289 was published May 14, 2022
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is... High Unreviewed
CVE-2018-18657 was published May 14, 2022
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is... High Unreviewed
CVE-2018-18658 was published May 14, 2022
Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to obtain sensitive information... High Unreviewed
CVE-2016-10005 was published May 14, 2022
The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows... High Unreviewed
CVE-2017-5372 was published May 14, 2022
When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java... High Unreviewed
CVE-2018-9489 was published May 14, 2022
LFI in PHP-Proxy 5.1.0 High
CVE-2018-19246 was published for athlon1600/php-proxy (Composer) May 14, 2022
GSKit V7 may disclose side channel information via discrepancies between valid and invalid PKCS#1... High Unreviewed
CVE-2018-1388 was published May 14, 2022
There is an information leakage vulnerability on several Huawei products. Due to insufficient... High Unreviewed
CVE-2018-7977 was published May 14, 2022
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X... High Unreviewed
CVE-2014-9162 was published May 14, 2022
Incorrect access control in the /mysql/api/drobo.php endpoint in Drobo 5N2 NAS version 4.0.5-13... High Unreviewed
CVE-2018-14696 was published May 14, 2022
Incorrect access control in the /drobopix/api/drobo.php endpoint in Drobo 5N2 NAS version 4.0.5... High Unreviewed
CVE-2018-14702 was published May 14, 2022
Incorrect access control in the /mysql/api/diags.php endpoint in Drobo 5N2 NAS version 4.0.5-13... High Unreviewed
CVE-2018-14695 was published May 14, 2022
Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to... High Unreviewed
CVE-2018-13352 was published May 14, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before... High Unreviewed
CVE-2018-18648 was published May 14, 2022
An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in... High Unreviewed
CVE-2018-7812 was published May 14, 2022
Incorrect access control in get_portal_info in Buffalo TS5600D1206 version 3.61-0.10 allows... High Unreviewed
CVE-2018-13319 was published May 14, 2022
imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. High Unreviewed
CVE-2018-20606 was published May 14, 2022
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php... High Unreviewed
CVE-2018-20608 was published May 14, 2022
On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and... High Unreviewed
CVE-2018-15328 was published May 14, 2022
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI. High Unreviewed
CVE-2018-20602 was published May 14, 2022
DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a crafted admin.php?s=Tpl/Add... High Unreviewed
CVE-2018-20571 was published May 14, 2022
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and... High Unreviewed
CVE-2018-12673 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database