GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,988
Erlang: 29
GitHub Actions: 16
Go: 1,779
Maven: 5,000+
npm: 3,544
NuGet: 619
pip: 3,128
Pub: 10
RubyGems: 838
Rust: 792
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
94,596 advisories
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted...
High | Unreviewed | CVE-2019-3421 was published May 24, 2022

In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible.
High | Unreviewed | CVE-2019-18368 was published May 24, 2022

An OS command injection vulnerability in FortiExtender 4.1.1 and below under CLI admin console...
High | Unreviewed | CVE-2019-15710 was published May 24, 2022

An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi...
High | Unreviewed | CVE-2018-4064 was published May 24, 2022

A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including...
High | Unreviewed | CVE-2019-18206 was published May 24, 2022

Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php...
High | Unreviewed | CVE-2019-18204 was published May 24, 2022

ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via...
High | Unreviewed | CVE-2019-17323 was published May 24, 2022

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code,...
High | Unreviewed | CVE-2019-15682 was published May 24, 2022

The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858;...
High | Unreviewed | CVE-2018-5735 was published May 24, 2022

An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in...
High | Unreviewed | CVE-2019-9926 was published May 24, 2022

Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and...
High | Unreviewed | CVE-2018-16417 was published May 24, 2022

An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the...
High | Unreviewed | CVE-2019-9757 was published May 24, 2022

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and...
High | Unreviewed | CVE-2019-6850 was published May 24, 2022

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and...
High | Unreviewed | CVE-2019-6849 was published May 24, 2022

After installing the IBM Maximo Health- Safety and Environment Manager 7.6.1, a user is granted...
High | Unreviewed | CVE-2019-4546 was published May 24, 2022

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated...
High | Unreviewed | CVE-2019-3979 was published May 24, 2022

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where...
High | Unreviewed | CVE-2019-3977 was published May 24, 2022

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated...
High | Unreviewed | CVE-2019-3978 was published May 24, 2022

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data...
High | Unreviewed | CVE-2019-18601 was published May 24, 2022

Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows.
High | Unreviewed | CVE-2019-16647 was published May 24, 2022

A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a...
High | Unreviewed | CVE-2019-10208 was published May 24, 2022

qtum through 0.16 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service...
High | Unreviewed | CVE-2018-19151 was published May 24, 2022

An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to...
High | Unreviewed | CVE-2018-18931 was published May 24, 2022

The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a...
High | Unreviewed | CVE-2018-18929 was published May 24, 2022

The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload...
High | Unreviewed | CVE-2018-18930 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.