GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
915 advisories
Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the...
Critical | Unreviewed | CVE-2015-9264 was published May 14, 2022

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter...
Critical | Unreviewed | CVE-2018-0664 was published May 14, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W,...
Critical | Unreviewed | CVE-2018-11287 was published May 14, 2022

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple...
Critical | Unreviewed | CVE-2018-12387 was published May 14, 2022

A vulnerability can occur when capturing a media stream when the media source type is changed as...
Critical | Unreviewed | CVE-2018-5156 was published May 14, 2022

The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and...
Critical | Unreviewed | CVE-2016-1929 was published May 14, 2022

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent...
Critical | Unreviewed | CVE-2017-3241 was published May 14, 2022

HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because...
Critical | Unreviewed | CVE-2018-19531 was published May 14, 2022

HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because...
Critical | Unreviewed | CVE-2018-19530 was published May 14, 2022

Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers...
Critical | Unreviewed | CVE-2018-13315 was published May 14, 2022

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible...
Critical | Unreviewed | CVE-2018-5492 was published May 14, 2022

Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in...
Critical | Unreviewed | CVE-2017-18318 was published May 14, 2022

Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to...
Critical | Unreviewed | CVE-2018-16068 was published May 14, 2022

In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue...
Critical | Unreviewed | CVE-2018-4254 was published May 14, 2022

Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite...
Critical | Unreviewed | CVE-2017-15402 was published May 14, 2022

DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a vulnerability that could allow remote...
Critical | Unreviewed | CVE-2018-5203 was published May 14, 2022

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,...
Critical | Unreviewed | CVE-2018-20771 was published May 14, 2022

Improper input validation in SCM handler to access storage in TZ can lead to unauthorized access...
Critical | Unreviewed | CVE-2018-13904 was published May 14, 2022

Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto,...
Critical | Unreviewed | CVE-2018-11932 was published May 14, 2022

Drupal Core Remote Code Execution Vulnerability
Critical | CVE-2018-7600 was published for drupal/core (Composer) May 14, 2022

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing...
Critical | Unreviewed | CVE-2018-5341 was published May 14, 2022

The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has...
Critical | Unreviewed | CVE-2018-8971 was published May 14, 2022

An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently...
Critical | Unreviewed | CVE-2018-5955 was published May 14, 2022

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and...
Critical | Unreviewed | CVE-2016-0801 was published May 14, 2022

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below...
Critical | Unreviewed | CVE-2017-7342 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.