GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
194 advisories
Filter by severity
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web...
Critical
Unreviewed
CVE-2018-9126
was published
May 14, 2022
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the...
Critical
Unreviewed
CVE-2018-10770
was published
May 14, 2022
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the...
Critical
Unreviewed
CVE-2018-12557
was published
May 14, 2022
The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through...
Critical
Unreviewed
CVE-2018-11554
was published
May 14, 2022
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 ...
Critical
Unreviewed
CVE-2018-11036
was published
May 14, 2022
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via...
Critical
Unreviewed
CVE-2018-13123
was published
May 14, 2022
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain...
Critical
Unreviewed
CVE-2014-6437
was published
May 14, 2022
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to...
Critical
Unreviewed
CVE-2018-12336
was published
May 14, 2022
The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote...
Critical
Unreviewed
CVE-2018-14685
was published
May 14, 2022
Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the...
Critical
Unreviewed
CVE-2016-3152
was published
May 14, 2022
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server...
Critical
Unreviewed
CVE-2016-10727
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-14328
was published
May 14, 2022
ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials...
Critical
Unreviewed
CVE-2016-3312
was published
May 14, 2022
Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to...
Critical
Unreviewed
CVE-2018-15534
was published
May 14, 2022
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6...
Critical
Unreviewed
CVE-2017-9000
was published
May 14, 2022
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or...
Critical
Unreviewed
CVE-2018-16710
was published
May 14, 2022
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue,...
Critical
Unreviewed
CVE-2017-18345
was published
May 14, 2022
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and...
Critical
Unreviewed
CVE-2018-12671
was published
May 14, 2022
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers...
Critical
Unreviewed
CVE-2015-2254
was published
May 14, 2022
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu...
Critical
Unreviewed
CVE-2018-12892
was published
May 14, 2022
The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to...
Critical
Unreviewed
CVE-2018-20555
was published
May 14, 2022
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote...
Critical
Unreviewed
CVE-2016-8964
was published
May 14, 2022
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before...
Critical
Unreviewed
CVE-2015-5041
was published
May 14, 2022
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An...
Critical
Unreviewed
CVE-2018-13808
was published
May 14, 2022
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12...
Critical
Unreviewed
CVE-2013-6014
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API