GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,755
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,488
Maven 5,911
npm 4,104
NuGet 735
pip 3,923
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,234 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with... Critical Unreviewed

CVE-2019-9871 was published May 24, 2022

An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including... Moderate Unreviewed

CVE-2019-10046 was published May 24, 2022

On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. High Unreviewed

CVE-2019-6451 was published May 24, 2022

The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated... Moderate Unreviewed

CVE-2019-9881 was published May 24, 2022

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with... Critical Unreviewed

CVE-2019-9879 was published May 24, 2022

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users'... Critical Unreviewed

CVE-2019-9880 was published May 24, 2022

All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak... High Unreviewed

CVE-2019-3411 was published May 24, 2022

A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs... Moderate Unreviewed

CVE-2017-15123 was published May 24, 2022

Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11,... Moderate Unreviewed

CVE-2019-0312 was published May 24, 2022

RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote... Critical Unreviewed

CVE-2019-12890 was published May 24, 2022

A vulnerability in the configuration import utility of Cisco Integrated Management Controller ... Moderate Unreviewed

CVE-2019-1629 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed

CVE-2019-1631 was published May 24, 2022

A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS)... Moderate Unreviewed

CVE-2019-1876 was published May 24, 2022

Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote... Critical Unreviewed

CVE-2019-13131 was published May 24, 2022

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain... Moderate Unreviewed

CVE-2019-4337 was published May 24, 2022

hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the... High Unreviewed

CVE-2019-12174 was published May 24, 2022

Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone... High Unreviewed

CVE-2019-11020 was published May 24, 2022

Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08... High Unreviewed

CVE-2019-11019 was published May 24, 2022

In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a... High Unreviewed

CVE-2019-13338 was published May 24, 2022

eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for... Critical Unreviewed

CVE-2019-10121 was published May 24, 2022

eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for... Critical Unreviewed

CVE-2019-10119 was published May 24, 2022

A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The... High Unreviewed

CVE-2019-10915 was published May 24, 2022

Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a... Critical Unreviewed

CVE-2019-13983 was published May 24, 2022

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the... Moderate Unreviewed

CVE-2019-5451 was published May 24, 2022

An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously,... Moderate Unreviewed

CVE-2019-10198 was published May 24, 2022

Previous 1…10…50 Next

Previous 1 2 … 8 9 10 11 12 … 49 50 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,234 advisories