GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
59 advisories
Filter by severity
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture...
Moderate
Unreviewed
CVE-2021-24046
was published
Jan 15, 2022
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022...
Moderate
Unreviewed
CVE-2022-24932
was published
Mar 11, 2022
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure...
Moderate
Unreviewed
CVE-2022-24385
was published
Mar 15, 2022
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images...
Moderate
Unreviewed
CVE-2004-2257
was published
Apr 29, 2022
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files...
Moderate
Unreviewed
CVE-2002-1798
was published
Apr 30, 2022
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct...
Moderate
Unreviewed
CVE-2005-1688
was published
May 1, 2022
PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct...
Moderate
Unreviewed
CVE-2005-1698
was published
May 1, 2022
The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive...
Moderate
Unreviewed
CVE-2005-1697
was published
May 1, 2022
FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive...
Moderate
Unreviewed
CVE-2005-1892
was published
May 1, 2022
Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software...
Moderate
Unreviewed
CVE-2015-2873
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0266
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0267
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0198
was published
May 13, 2022
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content...
Moderate
Unreviewed
CVE-2018-0140
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0105
was published
May 13, 2022
CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese...
Moderate
Unreviewed
CVE-2017-2139
was published
May 13, 2022
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10...
Moderate
Unreviewed
CVE-2017-2143
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate
Unreviewed
CVE-2017-2486
was published
May 13, 2022
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0...
Moderate
Unreviewed
CVE-2018-11346
was published
May 13, 2022
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0...
Moderate
Unreviewed
CVE-2018-19143
was published
May 13, 2022
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a...
Moderate
Unreviewed
CVE-2019-13981
was published
May 24, 2022
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the...
Moderate
Unreviewed
CVE-2019-1220
was published
May 24, 2022
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated...
Moderate
Unreviewed
CVE-2019-17503
was published
May 24, 2022
PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso...
Moderate
Unreviewed
CVE-2019-16386
was published
May 24, 2022
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/...
Moderate
Unreviewed
CVE-2019-16388
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API