GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
674 advisories
redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A...
Critical | Unreviewed | CVE-2018-10870 was published May 13, 2022

Improper input validation in obs-service-tar_scm of Open Build Service allows remote attackers to...
Critical | Unreviewed | CVE-2018-12474 was published May 13, 2022

Entes EMG12 versions 2.57 and prior The application uses a web interface where it is possible for...
Critical | Unreviewed | CVE-2018-14826 was published May 13, 2022

Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116),...
Critical | Unreviewed | CVE-2018-15715 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
Critical | Unreviewed | CVE-2018-1161 was published May 13, 2022

An Improper Input Validation issue was discovered in Nari PCS-9611 relay. An improper input...
Critical | Unreviewed | CVE-2018-5447 was published May 13, 2022

Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability...
Critical | Unreviewed | CVE-2018-5474 was published May 13, 2022

Multipart-file uploads call variables to be improperly registered in the global scope. In cases...
Critical | Unreviewed | CVE-2018-6334 was published May 13, 2022

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate...
Critical | Unreviewed | CVE-2018-8850 was published May 13, 2022

In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the...
Critical | Unreviewed | CVE-2018-8869 was published May 13, 2022

A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on...
Critical | Unreviewed | CVE-2018-9866 was published May 13, 2022

A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation...
Critical | Unreviewed | CVE-2019-1710 was published May 13, 2022

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP)...
Critical | Unreviewed | CVE-2019-1716 was published May 13, 2022

IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and...
Critical | Unreviewed | CVE-2016-6087 was published May 13, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
Critical | Unreviewed | CVE-2019-0604 was published May 13, 2022

treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and...
Critical | Unreviewed | CVE-2019-10672 was published May 13, 2022

The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1...
Critical | Unreviewed | CVE-2016-3655 was published May 13, 2022

The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11,...
Critical | Unreviewed | CVE-2017-8390 was published May 13, 2022

Improper input validation together with an integer overflow in the EAP-TLS protocol...
Critical | Unreviewed | CVE-2018-11574 was published May 13, 2022

An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers...
Critical | Unreviewed | CVE-2018-20062 was published May 13, 2022

A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX...
Critical | Unreviewed | CVE-2018-6320 was published May 13, 2022

An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation...
Critical | Unreviewed | CVE-2018-14361 was published May 13, 2022

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c...
Critical | Unreviewed | CVE-2018-14349 was published May 13, 2022

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c...
Critical | Unreviewed | CVE-2018-14351 was published May 13, 2022

The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their...
Critical | Unreviewed | CVE-2012-1301 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.