GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
334 advisories
Filter by severity
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all...
Critical
Unreviewed
CVE-2019-6695
was published
May 24, 2022
It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be...
High
Unreviewed
CVE-2019-10181
was published
May 24, 2022
Auth0 Passport-SharePoint does not validate JWT signature
High
CVE-2019-13483
was published
for
passport-sharepoint
(npm)
May 24, 2022
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file...
Moderate
Unreviewed
CVE-2019-12804
was published
May 24, 2022
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow...
High
Unreviewed
CVE-2019-1932
was published
May 24, 2022
Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002...
High
Unreviewed
CVE-2019-12504
was published
May 24, 2022
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack...
Moderate
Unreviewed
CVE-2019-1880
was published
May 24, 2022
This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions...
Moderate
Unreviewed
CVE-2019-5431
was published
May 24, 2022
Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the...
High
Unreviewed
CVE-2019-3786
was published
May 24, 2022
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is...
Critical
Unreviewed
CVE-2019-11235
was published
May 24, 2022
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier,...
Moderate
Unreviewed
CVE-2014-4883
was published
May 17, 2022
The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated...
High
Unreviewed
CVE-2014-5406
was published
May 17, 2022
** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in...
High
Unreviewed
CVE-2015-2908
was published
May 17, 2022
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity...
Moderate
Unreviewed
CVE-2015-8254
was published
May 17, 2022
McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass...
High
Unreviewed
CVE-2016-3983
was published
May 17, 2022
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates...
High
Unreviewed
CVE-2016-2346
was published
May 17, 2022
Drupal Incorrect cache context on password reset page
High
CVE-2016-9450
was published
for
drupal/core
(Composer)
May 17, 2022
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and...
High
Unreviewed
CVE-2014-4936
was published
May 17, 2022
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to...
High
Unreviewed
CVE-2016-2309
was published
May 17, 2022
Configuration and database backup archives are not signed or validated in Trend Micro Deep...
High
Unreviewed
CVE-2017-11379
was published
May 17, 2022
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and...
High
Unreviewed
CVE-2014-2718
was published
May 17, 2022
The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for...
Moderate
Unreviewed
CVE-2015-9232
was published
May 17, 2022
Insufficient Data Verification in io.really:jwt-scala
Moderate
CVE-2017-10862
was published
for
io.really:jwt-scala
(Maven)
May 17, 2022
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker...
Moderate
Unreviewed
CVE-2017-2701
was published
May 17, 2022
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific...
High
Unreviewed
CVE-2017-14091
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API