GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,167
Composer 4,339
Erlang 31
GitHub Actions 22
Go 2,099
Maven 5,272
npm 3,763
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 883
Swift 37

Unreviewed advisories

All unreviewed 242,854

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

163 advisories

Filter by severity

Sort by

Least recently updated

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to... Critical Unreviewed

CVE-2020-26824 was published May 24, 2022

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain... Critical Unreviewed

CVE-2020-28036 was published May 24, 2022

A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s):... Critical Unreviewed

CVE-2020-7124 was published May 24, 2022

In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system.... Critical Unreviewed

CVE-2019-19885 was published May 24, 2022

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an... Critical Unreviewed

CVE-2020-4499 was published May 24, 2022

Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting... Critical Unreviewed

CVE-2020-11856 was published May 24, 2022

A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>,... Critical Unreviewed

CVE-2020-6823 was published May 24, 2022

zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The... Critical Unreviewed

CVE-2019-1010152 was published May 24, 2022

zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The... Critical Unreviewed

CVE-2019-1010150 was published May 24, 2022

zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms... Critical Unreviewed

CVE-2019-1010149 was published May 24, 2022

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts... Critical Unreviewed

CVE-2022-22282 was published May 14, 2022

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file... Critical Unreviewed

CVE-2018-8755 was published May 13, 2022

SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e... Critical Unreviewed

CVE-2018-7702 was published May 13, 2022

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in... Critical Unreviewed

CVE-2018-6000 was published May 13, 2022

Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the... Critical Unreviewed

CVE-2018-5377 was published May 13, 2022

A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web... Critical Unreviewed

CVE-2018-11541 was published May 13, 2022

Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without... Critical Unreviewed

CVE-2017-9232 was published May 13, 2022

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center... Critical Unreviewed

CVE-2017-6639 was published May 13, 2022

A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an... Critical Unreviewed

CVE-2017-6622 was published May 13, 2022

Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P... Critical Unreviewed

CVE-2017-12582 was published May 13, 2022

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper... Critical Unreviewed

CVE-2018-18996 was published May 13, 2022

FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the... Critical Unreviewed

CVE-2018-16591 was published May 13, 2022

An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config... Critical Unreviewed

CVE-2019-9002 was published May 13, 2022

An exploitable unsafe default configuration vulnerability exists in the TURN server function of... Critical Unreviewed

CVE-2018-4059 was published May 13, 2022

An missing authorization vulnerability has been reported to affect QNAP device running Video... Critical Unreviewed

CVE-2021-44055 was published May 6, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

163 advisories