GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,055
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,605
NuGet: 638
pip: 3,208
Pub: 10
RubyGems: 852
Rust: 816
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
192 advisories
The sensitive information of webcam device is not properly protected. Remote attackers can...
Critical | Unreviewed | CVE-2021-30168 was published May 24, 2022

Argo CD will blindly trust JWT claims if anonymous access is enabled
Critical | CVE-2022-29165 was published for github.com/argoproj/argo-cd (Go) May 24, 2022

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive...
Critical | Unreviewed | CVE-2015-0152 was published May 24, 2022

admin/user_import.php in Chamilo 1.11.14 reads XML data without disabling the ability to load...
Critical | Unreviewed | CVE-2021-32925 was published May 24, 2022

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an...
Critical | Unreviewed | CVE-2020-28199 was published May 24, 2022

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical | Unreviewed | CVE-2020-25179 was published May 24, 2022

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile...
Critical | Unreviewed | CVE-2020-27134 was published May 24, 2022

In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take...
Critical | Unreviewed | CVE-2020-26167 was published May 24, 2022

A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015...
Critical | Unreviewed | CVE-2020-27183 was published May 24, 2022

HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect...
Critical | Unreviewed | CVE-2019-18823 was published May 24, 2022

Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a...
Critical | Unreviewed | CVE-2019-15859 was published May 24, 2022

A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer...
Critical | Unreviewed | CVE-2019-6177 was published May 24, 2022

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon...
Critical | Unreviewed | CVE-2019-2254 was published May 24, 2022

HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4....
Critical | Unreviewed | CVE-2019-11991 was published May 24, 2022

Openstack Magnum Unsafe Credential Handling
Critical | CVE-2016-7404 was published for openstack-magnum (pip) May 24, 2022

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module...
Critical | Unreviewed | CVE-2019-5016 was published May 24, 2022

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext...
Critical | Unreviewed | CVE-2018-20839 was published May 24, 2022

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password...
Critical | Unreviewed | CVE-2019-11403 was published May 24, 2022

Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded...
Critical | Unreviewed | CVE-2016-4521 was published May 17, 2022

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain...
Critical | Unreviewed | CVE-2016-2298 was published May 17, 2022

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical | Unreviewed | CVE-2016-1112 was published May 17, 2022

eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests...
Critical | Unreviewed | CVE-2015-7926 was published May 17, 2022

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to...
Critical | Unreviewed | CVE-2016-10105 was published May 17, 2022

An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x...
Critical | Unreviewed | CVE-2016-9885 was published May 17, 2022

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An...
Critical | Unreviewed | CVE-2017-5166 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API