Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

159 advisories

Loading
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an... Critical Unreviewed
CVE-2020-4499 was published May 24, 2022
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting... Critical Unreviewed
CVE-2020-11856 was published May 24, 2022
A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>,... Critical Unreviewed
CVE-2020-6823 was published May 24, 2022
zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The... Critical Unreviewed
CVE-2019-1010150 was published May 24, 2022
zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The... Critical Unreviewed
CVE-2019-1010152 was published May 24, 2022
zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms... Critical Unreviewed
CVE-2019-1010149 was published May 24, 2022
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts... Critical Unreviewed
CVE-2022-22282 was published May 14, 2022
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file... Critical Unreviewed
CVE-2018-8755 was published May 13, 2022
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e... Critical Unreviewed
CVE-2018-7702 was published May 13, 2022
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in... Critical Unreviewed
CVE-2018-6000 was published May 13, 2022
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the... Critical Unreviewed
CVE-2018-5377 was published May 13, 2022
A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web... Critical Unreviewed
CVE-2018-11541 was published May 13, 2022
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without... Critical Unreviewed
CVE-2017-9232 was published May 13, 2022
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center... Critical Unreviewed
CVE-2017-6639 was published May 13, 2022
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an... Critical Unreviewed
CVE-2017-6622 was published May 13, 2022
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P... Critical Unreviewed
CVE-2017-12582 was published May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper... Critical Unreviewed
CVE-2018-18996 was published May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the... Critical Unreviewed
CVE-2018-16591 was published May 13, 2022
An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config... Critical Unreviewed
CVE-2019-9002 was published May 13, 2022
An exploitable unsafe default configuration vulnerability exists in the TURN server function of... Critical Unreviewed
CVE-2018-4059 was published May 13, 2022
An missing authorization vulnerability has been reported to affect QNAP device running Video... Critical Unreviewed
CVE-2021-44055 was published May 6, 2022
Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass Critical Unreviewed
CVE-2013-3960 was published May 5, 2022
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various... Critical Unreviewed
CVE-2021-43938 was published Apr 30, 2022
Hospital Management System v1.0 was discovered to lack an authorization component, allowing... Critical Unreviewed
CVE-2022-26546 was published Apr 1, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of... Critical Unreviewed
CVE-2021-45878 was published Mar 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database