Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

229 advisories

Loading
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0879 was published May 17, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. Critical Unreviewed
CVE-2017-17735 was published May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. Critical Unreviewed
CVE-2017-17734 was published May 14, 2022
CPEs used by subscribers on the access network receive their individual configuration settings... Critical Unreviewed
CVE-2017-6094 was published May 14, 2022
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access... Critical Unreviewed
CVE-2018-3813 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13187 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13203 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13185 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:... Critical Unreviewed
CVE-2017-13205 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (aac). Product: Android.... Critical Unreviewed
CVE-2017-13188 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13204 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... Critical Unreviewed
CVE-2017-11079 was published May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a... Critical Unreviewed
CVE-2018-5726 was published May 14, 2022
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application... Critical Unreviewed
CVE-2018-7556 was published May 14, 2022
Applications in cf-release before 245 can be configured and pushed with a user-provided custom... Critical Unreviewed
CVE-2016-6658 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile... Critical Unreviewed
CVE-2016-10430 was published May 14, 2022
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login... Critical Unreviewed
CVE-2018-10734 was published May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote... Critical Unreviewed
CVE-2018-12908 was published May 14, 2022
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have... Critical Unreviewed
CVE-2018-10106 was published May 14, 2022
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web... Critical Unreviewed
CVE-2018-9126 was published May 14, 2022
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the... Critical Unreviewed
CVE-2018-10770 was published May 14, 2022
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the... Critical Unreviewed
CVE-2018-12557 was published May 14, 2022
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 ... Critical Unreviewed
CVE-2018-11036 was published May 14, 2022
The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through... Critical Unreviewed
CVE-2018-11554 was published May 14, 2022
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via... Critical Unreviewed
CVE-2018-13123 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database