Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

901 advisories

Loading
Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php,... Critical Unreviewed
CVE-2018-9162 was published May 14, 2022
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute... High Unreviewed
CVE-2018-0554 was published May 14, 2022
An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0... Moderate Unreviewed
CVE-2018-9119 was published May 14, 2022
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an... High Unreviewed
CVE-2018-11476 was published May 14, 2022
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... High Unreviewed
CVE-2017-0919 was published May 14, 2022
In Schneider Electric Evlink Charging Station versions prior to v3.2.0-12_v1, the Web Interface... Critical Unreviewed
CVE-2018-7778 was published May 14, 2022
The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component... Critical Unreviewed
CVE-2018-11247 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing... Critical Unreviewed
CVE-2018-5338 was published May 14, 2022
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers... Critical Unreviewed
CVE-2016-2004 was published May 14, 2022
Missing Authentication for Critical Function in Apache Cassandra Critical
CVE-2018-8016 was published for org.apache.cassandra:cassandra-all (Maven) May 13, 2022
MarkLee131
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire... High Unreviewed
CVE-2018-5486 was published May 13, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient... Critical Unreviewed
CVE-2018-5339 was published May 13, 2022
A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4... High Unreviewed
CVE-2018-4838 was published May 13, 2022
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's... High Unreviewed
CVE-2018-18264 was published May 13, 2022
Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows... Moderate Unreviewed
CVE-2018-16758 was published May 13, 2022
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's... Critical Unreviewed
CVE-2017-7315 was published May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and... Critical Unreviewed
CVE-2017-6409 was published May 13, 2022
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges... Critical Unreviewed
CVE-2017-4919 was published May 13, 2022
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating... High Unreviewed
CVE-2017-3819 was published May 13, 2022
The 'Find Phone' function in Nice smartphones with software versions earlier before Nice... Moderate Unreviewed
CVE-2017-2708 was published May 13, 2022
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an... Critical Unreviewed
CVE-2017-18001 was published May 13, 2022
Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow... Moderate Unreviewed
CVE-2017-17747 was published May 13, 2022
Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with... High Unreviewed
CVE-2017-17746 was published May 13, 2022
Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611... High Unreviewed
CVE-2017-16241 was published May 13, 2022
IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized... High Unreviewed
CVE-2017-1523 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database