GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,780
Erlang: 36
GitHub Actions: 29
Go: 2,338
Maven: 5,000+
npm: 3,973
NuGet: 715
pip: 3,769
Pub: 12
RubyGems: 923
Rust: 976
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
554 advisories
An attacker who has already compromised the local system could use TinyWall Controller to gain...
High, Unreviewed: CVE-2019-19470 was published May 24, 2022
An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open...
High, Unreviewed: CVE-2019-19909 was published May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The...
High, Unreviewed: CVE-2019-18283 was published May 24, 2022
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization...
High, Unreviewed: CVE-2019-18935 was published May 24, 2022
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series...
High, Unreviewed: CVE-2019-15271 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data...
High, Unreviewed: CVE-2019-18601 was published May 24, 2022
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE...
High, Unreviewed: CVE-2019-17080 was published May 24, 2022
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30,...
High, Unreviewed: CVE-2019-11666 was published May 24, 2022
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via...
High, Unreviewed: CVE-2017-18604 was published May 24, 2022
A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web...
High, Unreviewed: CVE-2019-5069 was published May 24, 2022
A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1...
High, Unreviewed: CVE-2019-10135 was published May 24, 2022
Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via...
High, Unreviewed: CVE-2019-11080 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High, Unreviewed: CVE-2019-5350 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High, Unreviewed: CVE-2019-11956 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High, Unreviewed: CVE-2019-11950 was published May 24, 2022
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an...
High, Unreviewed: CVE-2019-9875 was published May 24, 2022
Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
High, Unreviewed: CVE-2017-18375 was published May 24, 2022
e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php...
High, Unreviewed: CVE-2016-10753 was published May 24, 2022
A vulnerability has been identified in LOGO! Soft Comfort (All versions). The vulnerability could...
High, Unreviewed: CVE-2019-10924 was published May 24, 2022
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 through v6.6.9), and...
High, Unreviewed: CVE-2022-1118 was published May 18, 2022
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote...
High, Unreviewed: CVE-2016-7065 was published May 17, 2022
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code...
High, Unreviewed: CVE-2017-8829 was published May 17, 2022
TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary...
High, Unreviewed: CVE-2012-0911 was published May 17, 2022
The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows...
High, Unreviewed: CVE-2013-1465 was published May 17, 2022
The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows...
High, Unreviewed: CVE-2015-5164 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.