GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,809 advisories

Filter by severity

Sort by

Least recently updated

Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via ... Critical Unreviewed

CVE-2019-16314 was published May 24, 2022

FlameCMS 3.3.5 has SQL injection in account/login.php via accountName. Critical Unreviewed

CVE-2019-16309 was published May 24, 2022

A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The... Critical Unreviewed

CVE-2019-13923 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed

CVE-2019-13918 was published May 24, 2022

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially... Critical Unreviewed

CVE-2019-13548 was published May 24, 2022

A remote code execution vulnerability is present in network-listening components in some versions... Critical Unreviewed

CVE-2018-7081 was published May 24, 2022

Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction... Critical Unreviewed

CVE-2019-6005 was published May 24, 2022

Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/... Critical Unreviewed

CVE-2019-16261 was published May 24, 2022

Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway ... Critical Unreviewed

CVE-2019-3638 was published May 24, 2022

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a... Critical Unreviewed

CVE-2019-14237 was published May 24, 2022

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,... Critical Unreviewed

CVE-2019-14236 was published May 24, 2022

Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE... Critical Unreviewed

CVE-2019-11898 was published May 24, 2022

The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is... Critical Unreviewed

CVE-2019-0189 was published May 24, 2022

An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field... Critical Unreviewed

CVE-2019-10074 was published May 24, 2022

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated... Critical Unreviewed

CVE-2019-3975 was published May 24, 2022

An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import... Critical Unreviewed

CVE-2019-15896 was published May 24, 2022

VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a... Critical Unreviewed

CVE-2019-14457 was published May 24, 2022

An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found. Critical Unreviewed

CVE-2019-10256 was published May 24, 2022

Couchbase Server 5.1.1 generates insufficiently random numbers. The product hosts many network... Critical Unreviewed

CVE-2019-11495 was published May 24, 2022

upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote... Critical Unreviewed

CVE-2019-16192 was published May 24, 2022

A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey... Critical Unreviewed

CVE-2019-16184 was published May 24, 2022

SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR... Critical Unreviewed

CVE-2019-16190 was published May 24, 2022

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. Critical Unreviewed

CVE-2019-16093 was published May 24, 2022

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. Critical Unreviewed

CVE-2019-16092 was published May 24, 2022

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for... Critical Unreviewed

CVE-2019-16102 was published May 24, 2022

Previous 1 2 … 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,809 advisories