GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,263
Erlang
31
GitHub Actions
21
Go
2,033
Maven
5,000+
npm
3,732
NuGet
662
pip
3,411
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
102 advisories
Filter by severity
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why...
Moderate
Unreviewed
CVE-2019-15162
was published
May 24, 2022
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any...
Moderate
Unreviewed
CVE-2019-11737
was published
May 24, 2022
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an...
Moderate
Unreviewed
CVE-2019-12620
was published
May 24, 2022
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an...
Moderate
Unreviewed
CVE-2019-5478
was published
May 24, 2022
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file...
Moderate
Unreviewed
CVE-2019-12804
was published
May 24, 2022
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack...
Moderate
Unreviewed
CVE-2019-1880
was published
May 24, 2022
This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions...
Moderate
Unreviewed
CVE-2019-5431
was published
May 24, 2022
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier,...
Moderate
Unreviewed
CVE-2014-4883
was published
May 17, 2022
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity...
Moderate
Unreviewed
CVE-2015-8254
was published
May 17, 2022
The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for...
Moderate
Unreviewed
CVE-2015-9232
was published
May 17, 2022
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker...
Moderate
Unreviewed
CVE-2017-2701
was published
May 17, 2022
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle...
Moderate
Unreviewed
CVE-2017-1773
was published
May 14, 2022
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote...
Moderate
Unreviewed
CVE-2015-0251
was published
May 14, 2022
A content spoofing vulnerability in the following components allows to render html pages...
Moderate
Unreviewed
CVE-2018-2434
was published
May 13, 2022
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software...
Moderate
Unreviewed
CVE-2017-12740
was published
May 13, 2022
IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other...
Moderate
Unreviewed
CVE-2017-1405
was published
May 13, 2022
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient...
Moderate
Unreviewed
CVE-2018-10626
was published
May 13, 2022
Zimbra Collaboration before 8.8.10 GA allows text content spoofing via a loginErrorCode value.
Moderate
Unreviewed
CVE-2018-17938
was published
May 13, 2022
IBM Security Access Manager for Web processes patches, image backups and other updates without...
Moderate
Unreviewed
CVE-2016-3016
was published
May 13, 2022
The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify...
Moderate
Unreviewed
CVE-2014-0364
was published
May 13, 2022
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges...
Moderate
Unreviewed
CVE-2021-26368
was published
May 13, 2022
This vulnerability arises because the application allows the user to perform some sensitive...
Moderate
Unreviewed
CVE-2021-27759
was published
May 7, 2022
Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to...
Moderate
Unreviewed
CVE-2020-14122
was published
Apr 22, 2022
The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to...
Moderate
Unreviewed
CVE-2021-24825
was published
Mar 8, 2022
Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient...
Moderate
Unreviewed
CVE-2022-22567
was published
Feb 10, 2022
ProTip!
Advisories are also available from the
GraphQL API