GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,420

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

307 advisories

Filter by severity

Sort by

Least recently updated

Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and... High Unreviewed

CVE-2017-10854 was published May 14, 2022

Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm"... High Unreviewed

CVE-2014-7271 was published May 14, 2022

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute... High Unreviewed

CVE-2018-0554 was published May 14, 2022

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an... High Unreviewed

CVE-2018-11476 was published May 14, 2022

GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... High Unreviewed

CVE-2017-0919 was published May 14, 2022

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire... High Unreviewed

CVE-2018-5486 was published May 13, 2022

A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4... High Unreviewed

CVE-2018-4838 was published May 13, 2022

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's... High Unreviewed

CVE-2018-18264 was published May 13, 2022

A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating... High Unreviewed

CVE-2017-3819 was published May 13, 2022

Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with... High Unreviewed

CVE-2017-17746 was published May 13, 2022

Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611... High Unreviewed

CVE-2017-16241 was published May 13, 2022

IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized... High Unreviewed

CVE-2017-1523 was published May 13, 2022

An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe... High Unreviewed

CVE-2017-12720 was published May 13, 2022

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:... High Unreviewed

CVE-2017-10271 was published May 13, 2022

CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can... High Unreviewed

CVE-2017-3217 was published May 13, 2022

Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote... High Unreviewed

CVE-2018-14796 was published May 13, 2022

ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2... High Unreviewed

CVE-2018-7357 was published May 13, 2022

ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060... High Unreviewed

CVE-2019-6542 was published May 13, 2022

The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and... High Unreviewed

CVE-2017-3209 was published May 13, 2022

The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows... High Unreviewed

CVE-2019-9484 was published May 13, 2022

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03.... High Unreviewed

CVE-2019-7389 was published May 13, 2022

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There... High Unreviewed

CVE-2019-7390 was published May 13, 2022

Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via... High Unreviewed

CVE-2019-3941 was published May 13, 2022

An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of... High Unreviewed

CVE-2019-10946 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... High Unreviewed

CVE-2019-10042 was published May 13, 2022

Previous 1 2 … 9 10 11 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

307 advisories