Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

175 advisories

Loading
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or... Critical Unreviewed
CVE-2018-16710 was published May 14, 2022
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and... Critical Unreviewed
CVE-2018-12671 was published May 14, 2022
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers... Critical Unreviewed
CVE-2015-2254 was published May 14, 2022
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu... Critical Unreviewed
CVE-2018-12892 was published May 14, 2022
The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to... Critical Unreviewed
CVE-2018-20555 was published May 14, 2022
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote... Critical Unreviewed
CVE-2016-8964 was published May 14, 2022
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before... Critical Unreviewed
CVE-2015-5041 was published May 14, 2022
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An... Critical Unreviewed
CVE-2018-13808 was published May 14, 2022
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12... Critical Unreviewed
CVE-2013-6014 was published May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file... Critical Unreviewed
CVE-2018-16705 was published May 13, 2022
The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard"... Critical Unreviewed
CVE-2018-12481 was published May 13, 2022
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100... Critical Unreviewed
CVE-2017-7899 was published May 13, 2022
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1... Critical Unreviewed
CVE-2017-5738 was published May 13, 2022
VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability.... Critical Unreviewed
CVE-2017-4923 was published May 13, 2022
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0... Critical Unreviewed
CVE-2017-2320 was published May 13, 2022
Anchor CMS Logs Credentials Critical
CVE-2018-7251 was published for anchorcms/anchor-cms (Composer) May 13, 2022
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0... Critical Unreviewed
CVE-2016-5649 was published May 13, 2022
The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain... Critical Unreviewed
CVE-2016-6548 was published May 13, 2022
Insecure cookie sharing in Hawtio Critical
CVE-2017-2589 was published for io.hawt:project (Maven) May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have... Critical Unreviewed
CVE-2017-3185 was published May 13, 2022
Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security... Critical Unreviewed
CVE-2017-3972 was published May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-10627 was published May 13, 2022
Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability... Critical Unreviewed
CVE-2018-14822 was published May 13, 2022
Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation... Critical Unreviewed
CVE-2018-8919 was published May 13, 2022
In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read... Critical Unreviewed
CVE-2018-9852 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API