GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
273 advisories
Filter by severity
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating...
High
Unreviewed
CVE-2017-3819
was published
May 13, 2022
Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with...
High
Unreviewed
CVE-2017-17746
was published
May 13, 2022
Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611...
High
Unreviewed
CVE-2017-16241
was published
May 13, 2022
IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized...
High
Unreviewed
CVE-2017-1523
was published
May 13, 2022
An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe...
High
Unreviewed
CVE-2017-12720
was published
May 13, 2022
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can...
High
Unreviewed
CVE-2017-3217
was published
May 13, 2022
Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote...
High
Unreviewed
CVE-2018-14796
was published
May 13, 2022
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2...
High
Unreviewed
CVE-2018-7357
was published
May 13, 2022
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060...
High
Unreviewed
CVE-2019-6542
was published
May 13, 2022
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and...
High
Unreviewed
CVE-2017-3209
was published
May 13, 2022
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows...
High
Unreviewed
CVE-2019-9484
was published
May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03....
High
Unreviewed
CVE-2019-7389
was published
May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There...
High
Unreviewed
CVE-2019-7390
was published
May 13, 2022
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via...
High
Unreviewed
CVE-2019-3941
was published
May 13, 2022
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of...
High
Unreviewed
CVE-2019-10946
was published
May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request....
High
Unreviewed
CVE-2019-10042
was published
May 13, 2022
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web...
High
Unreviewed
CVE-2018-20220
was published
May 13, 2022
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and...
High
Unreviewed
CVE-2018-19079
was published
May 13, 2022
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands...
High
Unreviewed
CVE-2018-17880
was published
May 13, 2022
IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the...
High
Unreviewed
CVE-2018-1745
was published
May 13, 2022
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all...
High
Unreviewed
CVE-2018-17906
was published
May 13, 2022
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series...
High
Unreviewed
CVE-2019-1654
was published
May 13, 2022
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service...
High
Unreviewed
CVE-2017-12575
was published
May 13, 2022
D-Link routers with the mydlink feature have some web interfaces without authentication...
High
Unreviewed
CVE-2019-7642
was published
May 13, 2022
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote...
High
Unreviewed
CVE-2019-6447
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API