GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
322 advisories
Filter by severity
Multiple Version of TRUMPF TruTops products expose a service function without necessary...
Critical
Unreviewed
CVE-2022-1300
was published
May 3, 2022
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass...
Critical
Unreviewed
CVE-2015-2888
was published
May 13, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal...
Critical
Unreviewed
CVE-2022-44000
was published
Nov 17, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management...
Critical
Unreviewed
CVE-2022-43999
was published
Nov 17, 2022
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version < 2.0.0...
Critical
Unreviewed
CVE-2022-27586
was published
Nov 2, 2022
Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware...
Critical
Unreviewed
CVE-2022-27585
was published
Nov 2, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an...
Critical
Unreviewed
CVE-2022-27584
was published
Nov 2, 2022
Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber 1078787 allows an...
Critical
Unreviewed
CVE-2022-27582
was published
Nov 2, 2022
A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco...
Critical
Unreviewed
CVE-2018-0127
was published
May 13, 2022
Remote code execution in Apache TomEE
Critical
CVE-2020-13931
was published
for
org.apache.tomee:apache-tomee
(Maven)
Feb 9, 2022
The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and...
Critical
Unreviewed
CVE-2018-19248
was published
May 13, 2022
Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow...
Critical
Unreviewed
CVE-2018-13114
was published
May 13, 2022
A missing authentication for appliance registration vulnerability in Trend Micro Email Encryption...
Critical
Unreviewed
CVE-2018-6223
was published
May 13, 2022
Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced)...
Critical
Unreviewed
CVE-2019-0261
was published
May 13, 2022
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for...
Critical
Unreviewed
CVE-2019-0246
was published
May 13, 2022
Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR...
Critical
Unreviewed
CVE-2021-42783
was published
Nov 24, 2021
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request....
Critical
Unreviewed
CVE-2019-10040
was published
May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request....
Critical
Unreviewed
CVE-2019-10039
was published
May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request....
Critical
Unreviewed
CVE-2019-10041
was published
May 13, 2022
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check,...
Critical
Unreviewed
CVE-2019-9974
was published
May 13, 2022
A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an...
Critical
Unreviewed
CVE-2021-22279
was published
Dec 14, 2021
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point...
Critical
Unreviewed
CVE-2018-5393
was published
May 13, 2022
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow...
Critical
Unreviewed
CVE-2018-18995
was published
May 13, 2022
A vulnerability in the Redis implementation used by the Cisco Policy Suite for Mobile and Cisco...
Critical
Unreviewed
CVE-2018-0181
was published
May 13, 2022
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite...
Critical
Unreviewed
CVE-2018-0377
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API