GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
674 advisories
An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV)...
Critical
Unreviewed
CVE-2018-19524 was published May 14, 2022
Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that...
Critical
Unreviewed
CVE-2018-20162 was published May 14, 2022
Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox...
Critical
Unreviewed
CVE-2019-10063 was published May 14, 2022
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on...
Critical
Unreviewed
CVE-2018-12549 was published May 14, 2022
A flaw was found in the way spice-client processed certain messages sent from the server. An...
Critical
Unreviewed
CVE-2017-12194 was published May 14, 2022
Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager ...
Critical
Unreviewed
CVE-2016-1291 was published May 14, 2022
In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs...
Critical
Unreviewed
CVE-2018-7784 was published May 13, 2022
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid...
Critical
Unreviewed
CVE-2018-7739 was published May 13, 2022
Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0...
Critical
Unreviewed
CVE-2018-17472 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical
Unreviewed
CVE-2017-8126 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical
Unreviewed
CVE-2017-8128 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical
Unreviewed
CVE-2017-8123 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical
Unreviewed
CVE-2017-8129 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical
Unreviewed
CVE-2017-8124 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical
Unreviewed
CVE-2017-8119 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical
Unreviewed
CVE-2017-8120 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical
Unreviewed
CVE-2017-8117 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical
Unreviewed
CVE-2017-8122 was published May 13, 2022
Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which...
Critical
Unreviewed
CVE-2017-16935 was published May 13, 2022
The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7...
Critical
Unreviewed
CVE-2017-11771 was published May 13, 2022
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2...
Critical
Unreviewed
CVE-2017-11402 was published May 13, 2022
In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can...
Critical
Unreviewed
CVE-2017-10700 was published May 13, 2022
The set_version script as shipped with obs-service-set_version is a source validator for the Open...
Critical
Unreviewed
CVE-2014-0593 was published May 13, 2022
A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x...
Critical
Unreviewed
CVE-2014-9186 was published May 13, 2022
SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000...
Critical
Unreviewed
CVE-2016-6567 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.