GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
915 advisories
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical, Unreviewed. CVE-2017-8122 was published May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical, Unreviewed. CVE-2017-8117 was published May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical, Unreviewed. CVE-2017-8120 was published May 13, 2022

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which...
Critical, Unreviewed. CVE-2017-16935 was published May 13, 2022

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7...
Critical, Unreviewed. CVE-2017-11771 was published May 13, 2022

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2...
Critical, Unreviewed. CVE-2017-11402 was published May 13, 2022

In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can...
Critical, Unreviewed. CVE-2017-10700 was published May 13, 2022

The set_version script as shipped with obs-service-set_version is a source validator for the Open...
Critical, Unreviewed. CVE-2014-0593 was published May 13, 2022

A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x...
Critical, Unreviewed. CVE-2014-9186 was published May 13, 2022

SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000...
Critical, Unreviewed. CVE-2016-6567 was published May 13, 2022

Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the...
Critical, Unreviewed. CVE-2017-0915 was published May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the...
Critical, Unreviewed. CVE-2017-0916 was published May 13, 2022

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a...
Critical, Unreviewed. CVE-2017-12240 was published May 13, 2022

xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function...
Critical, Unreviewed. CVE-2017-12178 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing...
Critical, Unreviewed. CVE-2017-12181 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection...
Critical, Unreviewed. CVE-2017-12176 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing...
Critical, Unreviewed. CVE-2017-12180 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing...
Critical, Unreviewed. CVE-2017-12182 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension...
Critical, Unreviewed. CVE-2017-12185 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing...
Critical, Unreviewed. CVE-2017-12183 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing...
Critical, Unreviewed. CVE-2017-12184 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing...
Critical, Unreviewed. CVE-2017-12186 was published May 13, 2022

xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing...
Critical, Unreviewed. CVE-2017-12187 was published May 13, 2022

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx...
Critical, Unreviewed. CVE-2017-12367 was published May 13, 2022

On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE...
Critical, Unreviewed. CVE-2017-2345 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API