Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

194 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor Critical
CVE-2021-32711 was published for shopware/platform (Composer) Sep 8, 2021
In Vignette Content Management version 6, it is possible to gain remote access to administrator... Critical Unreviewed
CVE-2018-18941 was published May 13, 2022
PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it... Critical Unreviewed
CVE-2018-20371 was published May 13, 2022
An issue existed with autofill resuming after it was canceled. The issue was addressed with... Critical Unreviewed
CVE-2019-6206 was published May 13, 2022
In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read... Critical Unreviewed
CVE-2018-9852 was published May 13, 2022
Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation... Critical Unreviewed
CVE-2018-8919 was published May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-10627 was published May 13, 2022
Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security... Critical Unreviewed
CVE-2017-3972 was published May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have... Critical Unreviewed
CVE-2017-3185 was published May 13, 2022
Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability... Critical Unreviewed
CVE-2018-14822 was published May 13, 2022
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0... Critical Unreviewed
CVE-2016-5649 was published May 13, 2022
The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain... Critical Unreviewed
CVE-2016-6548 was published May 13, 2022
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0... Critical Unreviewed
CVE-2017-2320 was published May 13, 2022
Insecure cookie sharing in Hawtio Critical
CVE-2017-2589 was published for io.hawt:project (Maven) May 13, 2022
VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability.... Critical Unreviewed
CVE-2017-4923 was published May 13, 2022
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100... Critical Unreviewed
CVE-2017-7899 was published May 13, 2022
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1... Critical Unreviewed
CVE-2017-5738 was published May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file... Critical Unreviewed
CVE-2018-16705 was published May 13, 2022
The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard"... Critical Unreviewed
CVE-2018-12481 was published May 13, 2022
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12... Critical Unreviewed
CVE-2013-6014 was published May 13, 2022
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An... Critical Unreviewed
CVE-2018-13808 was published May 14, 2022
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before... Critical Unreviewed
CVE-2015-5041 was published May 14, 2022
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote... Critical Unreviewed
CVE-2016-8964 was published May 14, 2022
The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to... Critical Unreviewed
CVE-2018-20555 was published May 14, 2022
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu... Critical Unreviewed
CVE-2018-12892 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database