GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,809 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0... Critical Unreviewed

CVE-2017-2320 was published May 13, 2022

Certain HP Print Products are potentially vulnerable to Remote Code Execution. Critical Unreviewed

CVE-2022-28721 was published Sep 27, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and... Critical Unreviewed

CVE-2017-18129 was published May 13, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... Critical Unreviewed

CVE-2017-18130 was published May 13, 2022

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which... Critical Unreviewed

CVE-2017-16935 was published May 13, 2022

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any... Critical Unreviewed

CVE-2017-15597 was published May 13, 2022

Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view... Critical Unreviewed

CVE-2017-15877 was published May 13, 2022

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended... Critical Unreviewed

CVE-2017-16885 was published May 13, 2022

Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10... Critical Unreviewed

CVE-2017-16924 was published May 13, 2022

A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before... Critical Unreviewed

CVE-2017-18044 was published May 13, 2022

The VR Calendar WordPress plugin through 2.2.2 lets any user execute arbitrary PHP functions on... Critical Unreviewed

CVE-2022-2314 was published Aug 16, 2022

BigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in... Critical Unreviewed

CVE-2020-27602 was published Sep 30, 2022

Xpress Server in SAP POS does not require authentication for read/write/delete file access. This... Critical Unreviewed

CVE-2017-15295 was published May 13, 2022

The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username,... Critical Unreviewed

CVE-2017-16562 was published May 13, 2022

Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration... Critical Unreviewed

CVE-2017-17759 was published May 13, 2022

The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing... Critical Unreviewed

CVE-2017-16780 was published May 13, 2022

Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because... Critical Unreviewed

CVE-2017-15226 was published May 13, 2022

Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20,... Critical Unreviewed

CVE-2017-17301 was published May 13, 2022

validate_form_preferences in admin/preferences.php in BlogoText through 3.7.6 allows attackers to... Critical Unreviewed

CVE-2017-17794 was published May 13, 2022

BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in... Critical Unreviewed

CVE-2020-35674 was published Sep 30, 2022

A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a... Critical Unreviewed

CVE-2017-1710 was published May 13, 2022

In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 MDM9607, MDM9650, S820A,... Critical Unreviewed

CVE-2017-14910 was published May 13, 2022

ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. Critical Unreviewed

CVE-2017-15032 was published May 13, 2022

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently... Critical Unreviewed

CVE-2017-14942 was published May 13, 2022

Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell... Critical Unreviewed

CVE-2017-16926 was published May 13, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,809 advisories