Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

199 advisories

Loading
An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config... Critical Unreviewed
CVE-2019-9002 was published May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the... Critical Unreviewed
CVE-2018-16591 was published May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper... Critical Unreviewed
CVE-2018-18996 was published May 13, 2022
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P... Critical Unreviewed
CVE-2017-12582 was published May 13, 2022
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an... Critical Unreviewed
CVE-2017-6622 was published May 13, 2022
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center... Critical Unreviewed
CVE-2017-6639 was published May 13, 2022
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without... Critical Unreviewed
CVE-2017-9232 was published May 13, 2022
A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web... Critical Unreviewed
CVE-2018-11541 was published May 13, 2022
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the... Critical Unreviewed
CVE-2018-5377 was published May 13, 2022
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in... Critical Unreviewed
CVE-2018-6000 was published May 13, 2022
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e... Critical Unreviewed
CVE-2018-7702 was published May 13, 2022
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file... Critical Unreviewed
CVE-2018-8755 was published May 13, 2022
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts... Critical Unreviewed
CVE-2022-22282 was published May 14, 2022
zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms... Critical Unreviewed
CVE-2019-1010149 was published May 24, 2022
zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The... Critical Unreviewed
CVE-2019-1010150 was published May 24, 2022
zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The... Critical Unreviewed
CVE-2019-1010152 was published May 24, 2022
Total.js CMS RCE Vulnerability Critical
CVE-2019-15954 was published for total4 (npm) May 24, 2022
A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>,... Critical Unreviewed
CVE-2020-6823 was published May 24, 2022
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting... Critical Unreviewed
CVE-2020-11856 was published May 24, 2022
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an... Critical Unreviewed
CVE-2020-4499 was published May 24, 2022
In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system.... Critical Unreviewed
CVE-2019-19885 was published May 24, 2022
A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s):... Critical Unreviewed
CVE-2020-7124 was published May 24, 2022
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain... Critical Unreviewed
CVE-2020-28036 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to... Critical Unreviewed
CVE-2020-26821 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to... Critical Unreviewed
CVE-2020-26824 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database