GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
194 advisories
Filter by severity
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or...
Critical
Unreviewed
CVE-2018-16710
was published
May 14, 2022
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue,...
Critical
Unreviewed
CVE-2017-18345
was published
May 14, 2022
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6...
Critical
Unreviewed
CVE-2017-9000
was published
May 14, 2022
Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to...
Critical
Unreviewed
CVE-2018-15534
was published
May 14, 2022
ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials...
Critical
Unreviewed
CVE-2016-3312
was published
May 14, 2022
Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the...
Critical
Unreviewed
CVE-2016-3152
was published
May 14, 2022
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain...
Critical
Unreviewed
CVE-2014-6437
was published
May 14, 2022
The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote...
Critical
Unreviewed
CVE-2018-14685
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-14328
was published
May 14, 2022
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server...
Critical
Unreviewed
CVE-2016-10727
was published
May 14, 2022
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via...
Critical
Unreviewed
CVE-2018-13123
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-12908
was published
May 14, 2022
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the...
Critical
Unreviewed
CVE-2018-12557
was published
May 14, 2022
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to...
Critical
Unreviewed
CVE-2018-12336
was published
May 14, 2022
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 ...
Critical
Unreviewed
CVE-2018-11036
was published
May 14, 2022
The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through...
Critical
Unreviewed
CVE-2018-11554
was published
May 14, 2022
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the...
Critical
Unreviewed
CVE-2018-10770
was published
May 14, 2022
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login...
Critical
Unreviewed
CVE-2018-10734
was published
May 14, 2022
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web...
Critical
Unreviewed
CVE-2018-9126
was published
May 14, 2022
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have...
Critical
Unreviewed
CVE-2018-10106
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical
Unreviewed
CVE-2016-10430
was published
May 14, 2022
Applications in cf-release before 245 can be configured and pushed with a user-provided custom...
Critical
Unreviewed
CVE-2016-6658
was published
May 14, 2022
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application...
Critical
Unreviewed
CVE-2018-7556
was published
May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a...
Critical
Unreviewed
CVE-2018-5726
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:...
Critical
Unreviewed
CVE-2017-13205
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API