GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18,809 advisories
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp...
Critical | Unreviewed | CVE-2017-17434 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10...
Critical | Unreviewed | CVE-2017-2423 was published May 13, 2022

BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*)...
Critical | Unreviewed | CVE-2017-17974 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645,...
Critical | Unreviewed | CVE-2017-18314 was published May 13, 2022

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle...
Critical | Unreviewed | CVE-2017-3324 was published May 13, 2022

Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated...
Critical | Unreviewed | CVE-2017-17106 was published May 13, 2022

Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an...
Critical | Unreviewed | CVE-2017-18001 was published May 13, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical | Unreviewed | CVE-2017-18071 was published May 13, 2022

IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not...
Critical | Unreviewed | CVE-2017-1601 was published May 13, 2022

MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234...
Critical | Unreviewed | CVE-2017-16523 was published May 13, 2022

JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows...
Critical | Unreviewed | CVE-2017-18045 was published May 13, 2022

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the...
Critical | Unreviewed | CVE-2017-18212 was published May 13, 2022

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to...
Critical | Unreviewed | CVE-2017-16638 was published May 13, 2022

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical | Unreviewed | CVE-2017-3097 was published May 13, 2022

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical | Unreviewed | CVE-2017-3090 was published May 13, 2022

Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global...
Critical | Unreviewed | CVE-2017-17736 was published May 13, 2022

An issue was discovered on Ichano AtHome IP Camera devices. The device runs the "noodles" binary ...
Critical | Unreviewed | CVE-2017-17761 was published May 13, 2022

Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6...
Critical | Unreviewed | CVE-2017-17067 was published May 13, 2022

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for...
Critical | Unreviewed | CVE-2017-15999 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10...
Critical | Unreviewed | CVE-2017-2518 was published May 13, 2022

An issue was discovered in Apexis APM-H803-MPC software, as used with many different models of IP...
Critical | Unreviewed | CVE-2017-17101 was published May 13, 2022

Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search...
Critical | Unreviewed | CVE-2017-17733 was published May 13, 2022

In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD...
Critical | Unreviewed | CVE-2017-17773 was published May 13, 2022

An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx...
Critical | Unreviewed | CVE-2017-16743 was published May 13, 2022

rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for...
Critical | Unreviewed | CVE-2017-15994 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.