GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
273 advisories
Filter by severity
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.x,...
High
Unreviewed
CVE-2020-6242
was published
May 24, 2022
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication...
High
Unreviewed
CVE-2019-5620
was published
May 24, 2022
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows...
High
Unreviewed
CVE-2019-19104
was published
May 24, 2022
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its...
High
Unreviewed
CVE-2019-12524
was published
May 24, 2022
A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.7.8 (build...
High
Unreviewed
CVE-2020-9004
was published
May 24, 2022
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to...
High
Unreviewed
CVE-2019-16258
was published
May 24, 2022
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated...
High
Unreviewed
CVE-2019-16893
was published
May 24, 2022
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions), SCALANCE X...
High
Unreviewed
CVE-2019-13933
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2019-17146
was published
May 24, 2022
The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows...
High
Unreviewed
CVE-2019-16731
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High
Unreviewed
CVE-2019-5163
was published
May 24, 2022
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and...
High
Unreviewed
CVE-2019-5617
was published
May 24, 2022
Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists...
High
Unreviewed
CVE-2019-18230
was published
May 24, 2022
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira....
High
Unreviewed
CVE-2019-16906
was published
May 24, 2022
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated...
High
Unreviewed
CVE-2019-3978
was published
May 24, 2022
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU...
High
Unreviewed
CVE-2019-14927
was published
May 24, 2022
A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where...
High
Unreviewed
CVE-2019-15018
was published
May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
High
Unreviewed
CVE-2019-17219
was published
May 24, 2022
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This...
High
Unreviewed
CVE-2019-15043
was published
May 24, 2022
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An...
High
Unreviewed
CVE-2019-13406
was published
May 24, 2022
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker...
High
Unreviewed
CVE-2019-11061
was published
May 24, 2022
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making...
High
Unreviewed
CVE-2019-14511
was published
May 24, 2022
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The...
High
Unreviewed
CVE-2019-10915
was published
May 24, 2022
In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a...
High
Unreviewed
CVE-2019-13338
was published
May 24, 2022
Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08...
High
Unreviewed
CVE-2019-11019
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API