GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
194 advisories
HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect...
Critical | Unreviewed | CVE-2019-18823 was published May 24, 2022
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical | Unreviewed | CVE-2016-1112 was published May 17, 2022
eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests...
Critical | Unreviewed | CVE-2015-7926 was published May 17, 2022
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain...
Critical | Unreviewed | CVE-2016-2298 was published May 17, 2022
Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded...
Critical | Unreviewed | CVE-2016-4521 was published May 17, 2022
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer...
Critical | Unreviewed | CVE-2019-6177 was published May 24, 2022
Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon...
Critical | Unreviewed | CVE-2019-2254 was published May 24, 2022
In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password...
Critical | Unreviewed | CVE-2019-11403 was published May 24, 2022
A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015...
Critical | Unreviewed | CVE-2020-27183 was published May 24, 2022
In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take...
Critical | Unreviewed | CVE-2020-26167 was published May 24, 2022
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical | Unreviewed | CVE-2020-25179 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile...
Critical | Unreviewed | CVE-2020-27134 was published May 24, 2022
admin/user_import.php in Chamilo 1.11.14 reads XML data without disabling the ability to load...
Critical | Unreviewed | CVE-2021-32925 was published May 24, 2022
best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an...
Critical | Unreviewed | CVE-2020-28199 was published May 24, 2022
Exposure of Sensitive Information in Jenkins Core
Critical | CVE-2016-0791 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
The sensitive information of webcam device is not properly protected. Remote attackers can...
Critical | Unreviewed | CVE-2021-30168 was published May 24, 2022
D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive...
Critical | Unreviewed | CVE-2015-0152 was published May 24, 2022
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various...
Critical | Unreviewed | CVE-2021-43938 was published Apr 30, 2022
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account...
Critical | Unreviewed | CVE-2018-11741 was published May 13, 2022
Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows...
Critical | Unreviewed | CVE-2018-11653 was published May 13, 2022
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access...
Critical | Unreviewed | CVE-2017-5158 was published May 13, 2022
The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability...
Critical | Unreviewed | CVE-2017-11435 was published May 13, 2022
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct...
Critical | Unreviewed | CVE-2018-12634 was published May 13, 2022
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical | Unreviewed | CVE-2017-9788 was published May 13, 2022
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI)....
Critical | Unreviewed | CVE-2019-0040 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.