Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,128
Pub
10
RubyGems
838
Rust
792
Swift
34
Unreviewed advisories
All unreviewed
5,000+

94,596 advisories

Loading
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted... High Unreviewed
CVE-2019-3421 was published May 24, 2022
In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible. High Unreviewed
CVE-2019-18368 was published May 24, 2022
An OS command injection vulnerability in FortiExtender 4.1.1 and below under CLI admin console... High Unreviewed
CVE-2019-15710 was published May 24, 2022
An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi... High Unreviewed
CVE-2018-4064 was published May 24, 2022
A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including... High Unreviewed
CVE-2019-18206 was published May 24, 2022
Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php... High Unreviewed
CVE-2019-18204 was published May 24, 2022
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via... High Unreviewed
CVE-2019-17323 was published May 24, 2022
RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code,... High Unreviewed
CVE-2019-15682 was published May 24, 2022
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858;... High Unreviewed
CVE-2018-5735 was published May 24, 2022
An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in... High Unreviewed
CVE-2019-9926 was published May 24, 2022
Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and... High Unreviewed
CVE-2018-16417 was published May 24, 2022
An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the... High Unreviewed
CVE-2019-9757 was published May 24, 2022
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and... High Unreviewed
CVE-2019-6850 was published May 24, 2022
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and... High Unreviewed
CVE-2019-6849 was published May 24, 2022
After installing the IBM Maximo Health- Safety and Environment Manager 7.6.1, a user is granted... High Unreviewed
CVE-2019-4546 was published May 24, 2022
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated... High Unreviewed
CVE-2019-3979 was published May 24, 2022
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where... High Unreviewed
CVE-2019-3977 was published May 24, 2022
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated... High Unreviewed
CVE-2019-3978 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data... High Unreviewed
CVE-2019-18601 was published May 24, 2022
Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows. High Unreviewed
CVE-2019-16647 was published May 24, 2022
A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a... High Unreviewed
CVE-2019-10208 was published May 24, 2022
qtum through 0.16 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service... High Unreviewed
CVE-2018-19151 was published May 24, 2022
An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to... High Unreviewed
CVE-2018-18931 was published May 24, 2022
The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a... High Unreviewed
CVE-2018-18929 was published May 24, 2022
The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload... High Unreviewed
CVE-2018-18930 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API