Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,744
Maven
4,969
npm
3,507
NuGet
609
pip
3,065
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

220,677 advisories

Loading
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and... Critical Unreviewed
CVE-2019-1821 was published May 24, 2022
The ASUS Zenfone V Live Android device with a build fingerprint of asus/VZW_ASUS_A009/ASUS_A009:7... High Unreviewed
CVE-2018-14993 was published May 24, 2022
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART... High Unreviewed
CVE-2018-20007 was published May 24, 2022
IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This... Critical Unreviewed
CVE-2020-29597 was published May 24, 2022
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC... Moderate Unreviewed
CVE-2022-41610 was published May 10, 2023
Buffer Overflow vulnerability in Antirez Kilo before commit... High Unreviewed
CVE-2020-20335 was published Jun 20, 2023
Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful... Moderate Unreviewed
CVE-2019-7844 was published May 24, 2022
Recently it was discovered as a part of the research on IoT devices in the most recent firmware... High Unreviewed
CVE-2017-10724 was published May 24, 2022
A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM)... High Unreviewed
CVE-2019-1911 was published May 24, 2022
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject... Moderate Unreviewed
CVE-2018-20827 was published May 24, 2022
The link-log plugin before 2.0 for WordPress has HTTP Response Splitting. High Unreviewed
CVE-2015-9345 was published May 24, 2022
VMware Tools for Windows (10.x before 10.3.10) update addresses an out of bounds read... High Unreviewed
CVE-2019-5522 was published May 24, 2022
gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation High Unreviewed
CVE-2012-5617 was published Apr 23, 2022
Processing a specially crafted project file in LAquis SCADA 4.3.1.71 may trigger an out-of-bounds... Moderate Unreviewed
CVE-2019-10994 was published May 24, 2022
SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by... Critical Unreviewed
CVE-2019-15748 was published May 24, 2022
Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats... High Unreviewed
CVE-2019-7620 was published May 24, 2022
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could... Moderate Unreviewed
CVE-2023-20756 was published Jul 4, 2023
Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows... Moderate Unreviewed
CVE-2023-26579 was published Oct 25, 2023
In the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services... High Unreviewed
CVE-2023-45383 was published Oct 18, 2023
Theme volty tvcmspaymenticon up to v4.0.1 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2023-39645 was published Oct 3, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS... Moderate Unreviewed
CVE-2023-32498 was published Aug 23, 2023
The leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the... High Unreviewed
CVE-2023-39735 was published Oct 25, 2023
A valid XCC user's local account permissions overrides their active directory permissions under... High Unreviewed
CVE-2023-29057 was published Jul 6, 2023
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 ... High Unreviewed
CVE-2023-37935 was published Oct 10, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simple Mobile URL Redirect... High Unreviewed
CVE-2023-23897 was published Jul 10, 2023
ProTip! Advisories are also available from the GraphQL API