Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

194 advisories

Loading
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a... Critical Unreviewed
CVE-2018-5726 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:... Critical Unreviewed
CVE-2017-13205 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (aac). Product: Android.... Critical Unreviewed
CVE-2017-13188 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... Critical Unreviewed
CVE-2017-11079 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13204 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13185 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13203 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13187 was published May 14, 2022
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access... Critical Unreviewed
CVE-2018-3813 was published May 14, 2022
CPEs used by subscribers on the access network receive their individual configuration settings... Critical Unreviewed
CVE-2017-6094 was published May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. Critical Unreviewed
CVE-2017-17734 was published May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. Critical Unreviewed
CVE-2017-17735 was published May 14, 2022
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows... Critical Unreviewed
CVE-2017-13664 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0879 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13149 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13150 was published May 17, 2022
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains... Critical Unreviewed
CVE-2017-13701 was published May 17, 2022
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially... Critical Unreviewed
CVE-2017-9393 was published May 17, 2022
Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via... Critical Unreviewed
CVE-2015-8707 was published May 17, 2022
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc... Critical Unreviewed
CVE-2015-5284 was published May 17, 2022
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP... Critical Unreviewed
CVE-2014-8174 was published May 17, 2022
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive... Critical Unreviewed
CVE-2017-14269 was published May 17, 2022
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the ... Critical Unreviewed
CVE-2016-10175 was published May 17, 2022
Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to... Critical Unreviewed
CVE-2015-5959 was published May 17, 2022
Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of... Critical Unreviewed
CVE-2017-5496 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database