Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

143 advisories

Loading
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW... Critical Unreviewed
CVE-2018-9311 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9314 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... Moderate Unreviewed
CVE-2018-9313 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9312 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9320 was published May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,... High Unreviewed
CVE-2018-9322 was published May 14, 2022
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5... Moderate Unreviewed
CVE-2016-0772 was published May 14, 2022
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream... Moderate Unreviewed
CVE-2018-6794 was published May 14, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0138 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0254 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0244 was published May 13, 2022
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for... Moderate Unreviewed
CVE-2018-0250 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0243 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an... Moderate Unreviewed
CVE-2018-0297 was published May 13, 2022
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an... Moderate Unreviewed
CVE-2018-0326 was published May 13, 2022
A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could... Moderate Unreviewed
CVE-2018-0333 was published May 13, 2022
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an... High Unreviewed
CVE-2018-0383 was published May 13, 2022
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an... Moderate Unreviewed
CVE-2018-0384 was published May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and... Moderate Unreviewed
CVE-2018-10631 was published May 13, 2022
A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD)... High Unreviewed
CVE-2019-1669 was published May 13, 2022
Protection Mechanism Failure in Jenkins Script Security Plugin High
CVE-2019-1003000 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022
Script security sandbox bypass in Jenkins Job DSL Plugin Critical
CVE-2019-1003034 was published for org.jenkins-ci.plugins:job-dsl (Maven) May 13, 2022
westonsteimel
Script security sandbox bypass in Matrix Project Plugin Critical
CVE-2019-1003031 was published for org.jenkins-ci.plugins:matrix-project (Maven) May 13, 2022
westonsteimel
Jenkins Groovy Plugin sandbox bypass vulnerability High
CVE-2019-1003033 was published for org.jenkins-ci.plugins:groovy (Maven) May 13, 2022
Script security sandbox bypass in Jenkins Email Extension Plugin Critical
CVE-2019-1003032 was published for org.jenkins-ci.plugins:email-ext (Maven) May 13, 2022
westonsteimel
ProTip! Advisories are also available from the GraphQL API