Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

44 advisories

Loading
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly... High Unreviewed
CVE-2020-1048 was published May 24, 2022
V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability.... Moderate Unreviewed
CVE-2020-6862 was published May 24, 2022
D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a... High Unreviewed
CVE-2019-13263 was published May 24, 2022
Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side... High Unreviewed
CVE-2018-17791 was published May 24, 2022
SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without... High Unreviewed
CVE-2019-1020011 was published May 24, 2022
In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is... High Unreviewed
CVE-2019-11770 was published May 24, 2022
Incorrect Resource Transfer Between Spheres in Grails High
CVE-2019-12728 was published for org.grails:grails-core (Maven) May 24, 2022
Eclipse Vorto resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS High
CVE-2019-10248 was published for org.eclipse.vorto:org.eclipse.vorto.core (Maven) May 24, 2022
The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL... Critical Unreviewed
CVE-2016-5062 was published May 17, 2022
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX... Moderate Unreviewed
CVE-2017-14013 was published May 13, 2022
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote... Moderate Unreviewed
CVE-2002-0055 was published Apr 30, 2022
Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent... Moderate Unreviewed
CVE-2004-0872 was published Apr 29, 2022
FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV)... High Unreviewed
CVE-2012-2979 was published Apr 23, 2022
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data... High Unreviewed
CVE-2021-22806 was published Feb 12, 2022
Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability.... High Unreviewed
CVE-2021-36338 was published Jan 22, 2022
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management... Critical Unreviewed
CVE-2022-20658 was published Jan 15, 2022
Publify `guest` role users can self-register even when the admin does not allow it Moderate
CVE-2021-25973 was published for publify_core (RubyGems) Nov 3, 2021
oliverchang
containerd-shim API Exposed to Host Network Containers Moderate
CVE-2020-15257 was published for github.com/containerd/containerd (Go) May 24, 2021
ChaosData
Incorrect Resource Transfer Between Spheres in eclipse-wtp Moderate
CVE-2019-10753 was published for com.diffplug.spotless:spotless-eclipse-cdt (Maven) Sep 11, 2019
ProTip! Advisories are also available from the GraphQL API