GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,087
Maven: 5,000+
npm: 3,751
NuGet: 674
pip: 3,437
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
230 advisories
An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0)...
Critical
Unreviewed
CVE-2020-26607 was published May 24, 2022
A malicious extension could have called browser.identity.launchWebAuthFlow,...
Critical
Unreviewed
CVE-2020-6823 was published May 24, 2022
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120;...
Critical
Unreviewed
CVE-2019-16897 was published May 24, 2022
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because...
Critical
Unreviewed
CVE-2016-10971 was published May 24, 2022
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import...
Critical
Unreviewed
CVE-2019-15896 was published May 24, 2022
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows...
Critical
Unreviewed
CVE-2012-5376 was published May 13, 2022
Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of...
Critical
Unreviewed
CVE-2018-9853 was published May 13, 2022
An access issue was addressed with additional sandbox restrictions. This issue affected versions...
Critical
Unreviewed
CVE-2018-4310 was published May 13, 2022
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site...
Critical
Unreviewed
CVE-2018-12596 was published May 13, 2022
I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in...
Critical
Unreviewed
CVE-2018-1000141 was published May 13, 2022
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06...
Critical
Unreviewed
CVE-2017-6342 was published May 13, 2022
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can...
Critical
Unreviewed
CVE-2017-5624 was published May 13, 2022
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,...
Critical
Unreviewed
CVE-2017-5142 was published May 13, 2022
EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a...
Critical
Unreviewed
CVE-2017-4982 was published May 13, 2022
An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read...
Critical
Unreviewed
CVE-2017-14349 was published May 13, 2022
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is...
Critical
Unreviewed
CVE-2017-12635 was published May 13, 2022
ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check...
Critical
Unreviewed
CVE-2017-1000003 was published May 13, 2022
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions...
Critical
Unreviewed
CVE-2017-9944 was published May 13, 2022
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall...
Critical
Unreviewed
CVE-2018-0425 was published May 13, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version,...
Critical
Unreviewed
CVE-2018-19725 was published May 13, 2022
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated...
Critical
Unreviewed
CVE-2018-10143 was published May 13, 2022
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId...
Critical
Unreviewed
CVE-2017-7312 was published May 13, 2022
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers...
Critical
Unreviewed
CVE-2017-13707 was published May 13, 2022
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4,...
Critical
Unreviewed
CVE-2014-1510 was published May 13, 2022
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey...
Critical
Unreviewed
CVE-2014-1511 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API