GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
229 advisories
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0...
Critical | Unreviewed | CVE-2017-2320 was published May 13, 2022

The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain...
Critical | Unreviewed | CVE-2016-6548 was published May 13, 2022

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0...
Critical | Unreviewed | CVE-2016-5649 was published May 13, 2022

Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability...
Critical | Unreviewed | CVE-2018-14822 was published May 13, 2022

Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security...
Critical | Unreviewed | CVE-2017-3972 was published May 13, 2022

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical | Unreviewed | CVE-2018-10627 was published May 13, 2022

Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation...
Critical | Unreviewed | CVE-2018-8919 was published May 13, 2022

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read...
Critical | Unreviewed | CVE-2018-9852 was published May 13, 2022

An issue existed with autofill resuming after it was canceled. The issue was addressed with...
Critical | Unreviewed | CVE-2019-6206 was published May 13, 2022

PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it...
Critical | Unreviewed | CVE-2018-20371 was published May 13, 2022

In Vignette Content Management version 6, it is possible to gain remote access to administrator...
Critical | Unreviewed | CVE-2018-18941 was published May 13, 2022

Exposure of Sensitive Information to an Unauthorized Actor
Critical | CVE-2021-32711 was published for shopware/platform (Composer) Sep 8, 2021

On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI)....
Critical | Unreviewed | CVE-2019-0040 was published May 13, 2022

CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct...
Critical | Unreviewed | CVE-2018-12634 was published May 13, 2022

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account...
Critical | Unreviewed | CVE-2018-11741 was published May 13, 2022

Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows...
Critical | Unreviewed | CVE-2018-11653 was published May 13, 2022

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various...
Critical | Unreviewed | CVE-2021-43938 was published Apr 30, 2022

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive...
Critical | Unreviewed | CVE-2015-0152 was published May 24, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can...
Critical | Unreviewed | CVE-2021-30168 was published May 24, 2022

Exposure of Sensitive Information in Jenkins Core
Critical | CVE-2016-0791 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

admin/user_import.php in Chamilo 1.11.14 reads XML data without disabling the ability to load...
Critical | Unreviewed | CVE-2021-32925 was published May 24, 2022

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an...
Critical | Unreviewed | CVE-2020-28199 was published May 24, 2022

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile...
Critical | Unreviewed | CVE-2020-27134 was published May 24, 2022

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical | Unreviewed | CVE-2020-25179 was published May 24, 2022

A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015...
Critical | Unreviewed | CVE-2020-27183 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.