GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,444 advisories
The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a...
High | Unreviewed | CVE-2014-8522 was published May 17, 2022

Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled,...
High | Unreviewed | CVE-2014-0074 was published May 17, 2022

The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain...
High | Unreviewed | CVE-2013-3092 was published May 17, 2022

The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows...
High | Unreviewed | CVE-2014-2373 was published May 17, 2022

An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and...
High | Unreviewed | CVE-2019-5890 was published May 13, 2022

Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to...
High | Unreviewed | CVE-2014-6632 was published May 17, 2022

Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under...
High | Unreviewed | CVE-2014-8329 was published May 17, 2022

ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers...
High | Unreviewed | CVE-2014-8424 was published May 17, 2022

The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1...
High | Unreviewed | CVE-2014-2927 was published May 17, 2022

The update function in umbraco.webservices/templates/templateService.cs in the TemplateService...
High | Unreviewed | CVE-2013-4793 was published May 17, 2022

The HTTP Connector component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks contains a...
High | Unreviewed | CVE-2019-8990 was published May 13, 2022

Aptexx Resident Anywhere does not require authentication, which allows remote attackers to obtain...
High | Unreviewed | CVE-2014-4882 was published May 17, 2022

Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for...
High | Unreviewed | CVE-2015-5998 was published May 17, 2022

Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which...
High | Unreviewed | CVE-2015-5649 was published May 17, 2022

Insufficiently Protected Credentials and Improper Authentication in Spring Security
High | CVE-2019-11272 was published for org.springframework.security:spring-security-cas (Maven) Jun 27, 2019

cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to (1) cause a...
High | Unreviewed | CVE-2013-7183 was published May 17, 2022

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2015-8269 was published May 17, 2022

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require...
High | Unreviewed | CVE-2015-6480 was published May 17, 2022

An exploitable denial of service vulnerability exists in Insteon Hub running firmware version...
High | Unreviewed | CVE-2017-16348 was published May 13, 2022

Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier...
High | Unreviewed | CVE-2018-6689 was published May 13, 2022

The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112...
High | Unreviewed | CVE-2016-6159 was published May 17, 2022

The image_verify function in platform/msm_shared/image_verify.c in the Little Kernel (LK)...
High | Unreviewed | CVE-2014-0973 was published May 17, 2022

Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication...
High | Unreviewed | CVE-2016-1278 was published May 17, 2022

The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2...
High | Unreviewed | CVE-2016-1402 was published May 17, 2022

The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1...
High | Unreviewed | CVE-2013-3466 was published May 17, 2022