GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,233 advisories
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change...
High, Unreviewed, CVE-2022-44211 was published Dec 2, 2022

An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the...
High, Unreviewed, CVE-2022-44932 was published Dec 8, 2022

Vulnerabilities in the AirWave Management Platform web-based management interface exist which...
High, Unreviewed, CVE-2022-37918 was published Dec 8, 2022

Vulnerabilities in the AirWave Management Platform web-based management interface exist which...
High, Unreviewed, CVE-2022-37916 was published Dec 8, 2022

Vulnerabilities in the AirWave Management Platform web-based management interface exist which...
High, Unreviewed, CVE-2022-37917 was published Dec 8, 2022

Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to...
High, Unreviewed, CVE-2025-43947 was published Apr 22, 2025

A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected...
High, Unreviewed, CVE-2022-45936 was published Dec 13, 2022

This issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2,...
High, Unreviewed, CVE-2022-42861 was published Dec 15, 2022

The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin...
High, Unreviewed, CVE-2015-3302 was published May 14, 2022

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users ...
High, Unreviewed, CVE-2017-5254 was published May 13, 2022

An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local,...
High, Unreviewed, CVE-2017-14031 was published May 13, 2022

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure...
High, Unreviewed, CVE-2017-12262 was published May 13, 2022

Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow...
High, Unreviewed, CVE-2016-5714 was published May 24, 2022

An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users...
High, Unreviewed, CVE-2017-8448 was published May 13, 2022

The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows...
High, Unreviewed, CVE-2015-1336 was published May 17, 2022

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to...
High, Unreviewed, CVE-2016-4383 was published May 17, 2022

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass...
High, Unreviewed, CVE-2016-7807 was published May 17, 2022

elog 3.1.1 allows remote attackers to post data as any username in the logbook.
High, Unreviewed, CVE-2016-6342 was published May 13, 2022

An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de...
High, Unreviewed, CVE-2017-6016 was published May 13, 2022

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the...
High, Unreviewed, CVE-2016-10370 was published May 17, 2022

Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as...
High, Unreviewed, CVE-2017-8438 was published May 13, 2022

unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local...
High, Unreviewed, CVE-2016-10369 was published May 17, 2022

In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are...
High, Unreviewed, CVE-2016-7054 was published May 17, 2022

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec...
High, Unreviewed, CVE-2016-7032 was published May 13, 2022

SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative...
High, Unreviewed, CVE-2015-8284 was published May 17, 2022