GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,303 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts... Moderate Unreviewed

CVE-2019-16664 was published May 24, 2022

Ogma CMS 0.5 has XSS via creation of a new blog. Moderate Unreviewed

CVE-2019-16661 was published May 24, 2022

TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article... Moderate Unreviewed

CVE-2019-16657 was published May 24, 2022

An issue was discovered in PRiSE adAS 1.7.0. A file's format is not properly checked, leading to... Moderate Unreviewed

CVE-2019-14916 was published May 24, 2022

An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not properly escaped. This... Moderate Unreviewed

CVE-2019-14915 was published May 24, 2022

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly escape output... Moderate Unreviewed

CVE-2019-14911 was published May 24, 2022

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto... Moderate Unreviewed

CVE-2019-14912 was published May 24, 2022

An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2.... Moderate Unreviewed

CVE-2019-11327 was published May 24, 2022

Prospecta Master Data Online (MDO) allows CSRF. Moderate Unreviewed

CVE-2018-17789 was published May 24, 2022

The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because... Moderate Unreviewed

CVE-2015-9390 was published May 24, 2022

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS. Moderate Unreviewed

CVE-2015-9388 was published May 24, 2022

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of... Moderate Unreviewed

CVE-2019-3738 was published May 24, 2022

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing... Moderate Unreviewed

CVE-2019-3739 was published May 24, 2022

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF. Moderate Unreviewed

CVE-2015-9387 was published May 24, 2022

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through... Moderate Unreviewed

CVE-2019-3740 was published May 24, 2022

An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill... Moderate Unreviewed

CVE-2019-16525 was published May 24, 2022

An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment... Moderate Unreviewed

CVE-2019-16511 was published May 24, 2022

If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1.6.4 inclusive, sets a last... Moderate Unreviewed

CVE-2019-11778 was published May 24, 2022

IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0... Moderate Unreviewed

CVE-2018-1847 was published May 24, 2022

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an... Moderate Unreviewed

CVE-2019-12620 was published May 24, 2022

Online upgrade information in some firmware packages of Dahua products is not encrypted.... Moderate Unreviewed

CVE-2019-9681 was published May 24, 2022

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache... Moderate Unreviewed

CVE-2019-14826 was published May 24, 2022

3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0,... Moderate Unreviewed

CVE-2019-13542 was published May 24, 2022

The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music... Moderate Unreviewed

CVE-2016-10992 was published May 24, 2022

The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php... Moderate Unreviewed

CVE-2016-10983 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100,303 advisories