GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
441 advisories
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD)...
Critical · Unreviewed · CVE-2017-4052 was published May 17, 2022
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,...
Critical · Unreviewed · CVE-2017-10804 was published May 17, 2022
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary...
Critical · Unreviewed · CVE-2016-5053 was published May 17, 2022
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0...
Critical · Unreviewed · CVE-2016-8355 was published May 17, 2022
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of...
Critical · Unreviewed · CVE-2017-5162 was published May 17, 2022
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not...
Critical · Unreviewed · CVE-2022-28660 was published May 21, 2022
It was found that default configuration of Heketi does not require any authentication potentially...
Critical · Unreviewed · CVE-2019-3899 was published May 24, 2022
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO...
Critical · Unreviewed · CVE-2019-8993 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Attackers with access to port...
Critical · Unreviewed · CVE-2019-10919 was published May 24, 2022
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580,...
Critical · Unreviewed · CVE-2019-6808 was published May 24, 2022
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ...
Critical · Unreviewed · CVE-2019-12288 was published May 24, 2022
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS)...
Critical · Unreviewed · CVE-2019-6958 was published May 24, 2022
Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with...
Critical · Unreviewed · CVE-2019-9871 was published May 24, 2022
An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users'...
Critical · Unreviewed · CVE-2019-9880 was published May 24, 2022
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with...
Critical · Unreviewed · CVE-2019-9879 was published May 24, 2022
RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote...
Critical · Unreviewed · CVE-2019-12890 was published May 24, 2022
Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote...
Critical · Unreviewed · CVE-2019-13131 was published May 24, 2022
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for...
Critical · Unreviewed · CVE-2019-10121 was published May 24, 2022
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for...
Critical · Unreviewed · CVE-2019-10119 was published May 24, 2022
Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a...
Critical · Unreviewed · CVE-2019-13983 was published May 24, 2022
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise...
Critical · Unreviewed · CVE-2019-1895 was published May 24, 2022
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be...
Critical · Unreviewed · CVE-2019-13101 was published May 24, 2022
eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access...
Critical · Unreviewed · CVE-2019-9585 was published May 24, 2022
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by...
Critical · Unreviewed · CVE-2019-16199 was published May 24, 2022
Victure PC530 devices allow unauthenticated TELNET access as root.
Critical · Unreviewed · CVE-2019-15940 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.