GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
915 advisories

Improper Input Validation in Apache ActiveMQ
Critical · CVE-2016-3088 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022

An input validation issue was addressed with improved input validation. This issue affected...
Critical · Unreviewed · CVE-2018-4295 was published May 14, 2022

A configuration issue was addressed with additional restrictions. This issue affected versions...
Critical · Unreviewed · CVE-2018-4353 was published May 14, 2022

The VStarCam vstc.vscam.client library and vstc.vscam shared object, as used in the Eye4...
Critical · Unreviewed · CVE-2019-11014 was published May 14, 2022

On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1...
Critical · Unreviewed · CVE-2018-19300 was published May 14, 2022

The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles sanitization of input values.
Critical · Unreviewed · CVE-2019-7412 was published May 14, 2022

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent...
Critical · Unreviewed · CVE-2017-8923 was published May 14, 2022

An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV)...
Critical · Unreviewed · CVE-2018-19524 was published May 14, 2022

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that...
Critical · Unreviewed · CVE-2018-20162 was published May 14, 2022

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox...
Critical · Unreviewed · CVE-2019-10063 was published May 14, 2022

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on...
Critical · Unreviewed · CVE-2018-12549 was published May 14, 2022

A flaw was found in the way spice-client processed certain messages sent from the server. An...
Critical · Unreviewed · CVE-2017-12194 was published May 14, 2022

Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager ...
Critical · Unreviewed · CVE-2016-1291 was published May 14, 2022

Apache Struts vulnerable to arbitrary remote code execution due to improper input validation
Critical · CVE-2016-3087 was published for org.apache.struts:struts2-core (Maven) May 14, 2022

Arbitrary code execution in Apache Struts 2
Critical · CVE-2016-4438 was published for org.apache.struts:struts2-core (Maven) May 14, 2022

In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs...
Critical · Unreviewed · CVE-2018-7784 was published May 13, 2022

antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid...
Critical · Unreviewed · CVE-2018-7739 was published May 13, 2022

Etherpad Lite Access Restriction Bypass
Critical · CVE-2018-6835 was published for ep_etherpad-lite (npm) May 13, 2022

Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0...
Critical · Unreviewed · CVE-2018-17472 was published May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical · Unreviewed · CVE-2017-8126 was published May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical · Unreviewed · CVE-2017-8128 was published May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical · Unreviewed · CVE-2017-8123 was published May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical · Unreviewed · CVE-2017-8129 was published May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical · Unreviewed · CVE-2017-8119 was published May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical · Unreviewed · CVE-2017-8124 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API