GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,299

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

21,736 advisories

Filter by severity

Sort by

Least recently updated

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... Critical Unreviewed

CVE-2017-18130 was published May 13, 2022

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which... Critical Unreviewed

CVE-2017-16935 was published May 13, 2022

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any... Critical Unreviewed

CVE-2017-15597 was published May 13, 2022

Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view... Critical Unreviewed

CVE-2017-15877 was published May 13, 2022

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended... Critical Unreviewed

CVE-2017-16885 was published May 13, 2022

Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10... Critical Unreviewed

CVE-2017-16924 was published May 13, 2022

A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before... Critical Unreviewed

CVE-2017-18044 was published May 13, 2022

The VR Calendar WordPress plugin through 2.2.2 lets any user execute arbitrary PHP functions on... Critical Unreviewed

CVE-2022-2314 was published Aug 16, 2022

BigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in... Critical Unreviewed

CVE-2020-27602 was published Sep 30, 2022

An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx... Critical Unreviewed

CVE-2017-16743 was published May 13, 2022

rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for... Critical Unreviewed

CVE-2017-15994 was published May 13, 2022

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0... Critical Unreviewed

CVE-2017-2320 was published May 13, 2022

Certain HP Print Products are potentially vulnerable to Remote Code Execution. Critical Unreviewed

CVE-2022-28721 was published Sep 27, 2022

Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global... Critical Unreviewed

CVE-2017-17736 was published May 13, 2022

Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6... Critical Unreviewed

CVE-2017-17067 was published May 13, 2022

An issue was discovered on Ichano AtHome IP Camera devices. The device runs the "noodles" binary ... Critical Unreviewed

CVE-2017-17761 was published May 13, 2022

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for... Critical Unreviewed

CVE-2017-15999 was published May 13, 2022

An issue was discovered in Apexis APM-H803-MPC software, as used with many different models of IP... Critical Unreviewed

CVE-2017-17101 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10... Critical Unreviewed

CVE-2017-2518 was published May 13, 2022

Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search... Critical Unreviewed

CVE-2017-17733 was published May 13, 2022

In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD... Critical Unreviewed

CVE-2017-17773 was published May 13, 2022

MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234... Critical Unreviewed

CVE-2017-16523 was published May 13, 2022

IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not... Critical Unreviewed

CVE-2017-1601 was published May 13, 2022

JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows... Critical Unreviewed

CVE-2017-18045 was published May 13, 2022

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the... Critical Unreviewed

CVE-2017-18212 was published May 13, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,736 advisories