Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

59 advisories

Loading
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture... Moderate Unreviewed
CVE-2021-24046 was published Jan 15, 2022
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022... Moderate Unreviewed
CVE-2022-24932 was published Mar 11, 2022
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure... Moderate Unreviewed
CVE-2022-24385 was published Mar 15, 2022
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images... Moderate Unreviewed
CVE-2004-2257 was published Apr 29, 2022
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files... Moderate Unreviewed
CVE-2002-1798 was published Apr 30, 2022
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed
CVE-2005-1688 was published May 1, 2022
The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2005-1697 was published May 1, 2022
PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed
CVE-2005-1698 was published May 1, 2022
FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive... Moderate Unreviewed
CVE-2005-1892 was published May 1, 2022
Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software... Moderate Unreviewed
CVE-2015-2873 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0267 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0266 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0198 was published May 13, 2022
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content... Moderate Unreviewed
CVE-2018-0140 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0105 was published May 13, 2022
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10... Moderate Unreviewed
CVE-2017-2143 was published May 13, 2022
CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese... Moderate Unreviewed
CVE-2017-2139 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10... Moderate Unreviewed
CVE-2017-2486 was published May 13, 2022
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0... Moderate Unreviewed
CVE-2018-11346 was published May 13, 2022
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0... Moderate Unreviewed
CVE-2018-19143 was published May 13, 2022
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a... Moderate Unreviewed
CVE-2019-13981 was published May 24, 2022
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the... Moderate Unreviewed
CVE-2019-1220 was published May 24, 2022
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated... Moderate Unreviewed
CVE-2019-17503 was published May 24, 2022
PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso... Moderate Unreviewed
CVE-2019-16386 was published May 24, 2022
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/... Moderate Unreviewed
CVE-2019-16388 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database