Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

257 advisories

Loading
ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials... Critical Unreviewed
CVE-2016-3312 was published May 14, 2022
Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to... Critical Unreviewed
CVE-2018-15534 was published May 14, 2022
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6... Critical Unreviewed
CVE-2017-9000 was published May 14, 2022
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue,... Critical Unreviewed
CVE-2017-18345 was published May 14, 2022
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or... Critical Unreviewed
CVE-2018-16710 was published May 14, 2022
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and... Critical Unreviewed
CVE-2018-12671 was published May 14, 2022
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers... Critical Unreviewed
CVE-2015-2254 was published May 14, 2022
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu... Critical Unreviewed
CVE-2018-12892 was published May 14, 2022
The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to... Critical Unreviewed
CVE-2018-20555 was published May 14, 2022
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote... Critical Unreviewed
CVE-2016-8964 was published May 14, 2022
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before... Critical Unreviewed
CVE-2015-5041 was published May 14, 2022
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An... Critical Unreviewed
CVE-2018-13808 was published May 14, 2022
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12... Critical Unreviewed
CVE-2013-6014 was published May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file... Critical Unreviewed
CVE-2018-16705 was published May 13, 2022
The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard"... Critical Unreviewed
CVE-2018-12481 was published May 13, 2022
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100... Critical Unreviewed
CVE-2017-7899 was published May 13, 2022
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1... Critical Unreviewed
CVE-2017-5738 was published May 13, 2022
VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability.... Critical Unreviewed
CVE-2017-4923 was published May 13, 2022
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0... Critical Unreviewed
CVE-2017-2320 was published May 13, 2022
Anchor CMS Logs Credentials Critical
CVE-2018-7251 was published for anchorcms/anchor-cms (Composer) May 13, 2022
A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary... Critical Unreviewed
CVE-2016-1265 was published May 13, 2022
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0... Critical Unreviewed
CVE-2016-5649 was published May 13, 2022
The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain... Critical Unreviewed
CVE-2016-6548 was published May 13, 2022
Insecure cookie sharing in Hawtio Critical
CVE-2017-2589 was published for io.hawt:project (Maven) May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have... Critical Unreviewed
CVE-2017-3185 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database