GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of...
High
Unreviewed
CVE-2020-10181
was published
May 24, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the...
High
Unreviewed
CVE-2022-31484
was published
Jun 7, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device,...
High
Unreviewed
CVE-2022-31480
was published
Jun 7, 2022
A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1...
High
Unreviewed
CVE-2021-44582
was published
Jun 11, 2022
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location,...
High
Unreviewed
CVE-2021-24695
was published
May 24, 2022
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with...
High
Unreviewed
CVE-2022-2192
was published
Jul 20, 2022
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores...
High
Unreviewed
CVE-2022-2544
was published
Aug 23, 2022
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated...
High
Unreviewed
CVE-2022-2551
was published
Aug 23, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export....
High
Unreviewed
CVE-2021-34588
was published
Apr 28, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote,...
High
Unreviewed
CVE-2019-3917
was published
May 13, 2022
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass...
High
Unreviewed
CVE-2019-6551
was published
May 13, 2022
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to...
High
Unreviewed
CVE-2017-15235
was published
May 13, 2022
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP...
High
Unreviewed
CVE-2018-16706
was published
May 13, 2022
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02...
High
Unreviewed
CVE-2019-3916
was published
May 13, 2022
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote...
High
Unreviewed
CVE-2019-6126
was published
May 13, 2022
A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before...
High
Unreviewed
CVE-2018-6669
was published
May 13, 2022
OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance),...
High
Unreviewed
CVE-2017-14993
was published
May 13, 2022
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by...
High
Unreviewed
CVE-2018-19109
was published
May 13, 2022
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control...
High
Unreviewed
CVE-2018-18862
was published
May 13, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,...
High
Unreviewed
CVE-2018-7526
was published
May 13, 2022
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or...
High
Unreviewed
CVE-2019-14347
was published
May 24, 2022
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this...
High
Unreviewed
CVE-2023-1682
was published
Mar 29, 2023
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as...
High
Unreviewed
CVE-2022-1077
was published
Mar 30, 2022
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP...
High
Unreviewed
CVE-2022-27480
was published
Apr 13, 2022
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated...
High
Unreviewed
CVE-2021-24831
was published
Jan 4, 2022
ProTip!
Advisories are also available from the
GraphQL API