GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,154
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
244,411 advisories
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may...
High | Unreviewed | CVE-2021-31796 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper...
Critical | Unreviewed | CVE-2021-37417 was published May 24, 2022

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices....
High | Unreviewed | CVE-2021-40380 was published May 24, 2022

A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for...
Moderate | Unreviewed | CVE-2021-1567 was published May 24, 2022

In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration...
High | Unreviewed | CVE-2021-38615 was published May 24, 2022

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an...
Low | Unreviewed | CVE-2021-3049 was published May 24, 2022

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and...
High | Unreviewed | CVE-2021-3115 was published May 24, 2022

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an...
High | Unreviewed | CVE-2020-0404 was published May 24, 2022

Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi...
Moderate | Unreviewed | CVE-2020-12262 was published May 24, 2022

Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating...
Critical | Unreviewed | CVE-2020-26201 was published May 24, 2022

An out-of-bounds write vulnerability exists in the PSD Header processing functionality of...
High | Unreviewed | CVE-2020-13585 was published May 24, 2022

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3...
High | Unreviewed | CVE-2008-7218 was published May 17, 2022

Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute...
High | Unreviewed | CVE-2008-7158 was published May 17, 2022

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 uses a small space of...
Moderate | Unreviewed | CVE-2008-7113 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.3 beta allows remote...
Moderate | Unreviewed | CVE-2008-7132 was published May 17, 2022

D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability....
High | Unreviewed | CVE-2017-7398 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
High | Unreviewed | CVE-2017-2457 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate | Unreviewed | CVE-2017-2442 was published May 17, 2022

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1...
Moderate | Unreviewed | CVE-2017-0113 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate | Unreviewed | CVE-2017-2480 was published May 17, 2022

SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a...
High | Unreviewed | CVE-2017-8852 was published May 17, 2022

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server...
Moderate | Unreviewed | CVE-2017-0167 was published May 17, 2022

Adobe Digital Editions 4.5.4 and earlier has an exploitable heap overflow vulnerability....
High | Unreviewed | CVE-2017-11275 was published May 17, 2022

HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
High | Unreviewed | CVE-2017-7446 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in onlinetools.org EasyImageCatalogue 1.3.1...
Moderate | Unreviewed | CVE-2008-7133 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.