Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,130
Pub
10
RubyGems
838
Rust
792
Swift
34
Unreviewed advisories
All unreviewed
5,000+

121 advisories

Loading
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file... Moderate Unreviewed
CVE-2019-15613 was published May 24, 2022
com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and... Moderate Unreviewed
CVE-2019-20057 was published May 24, 2022
Magento 2 Community Edition Insufficient Logging Moderate
CVE-2019-8124 was published for magento/community-edition (Composer) May 24, 2022
In SAP NetWeaver Process Integration (AS2 Adapter), before versions 1.0 and 2.0, the attacker is... Moderate Unreviewed
CVE-2019-0379 was published May 24, 2022
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why... Moderate Unreviewed
CVE-2019-15162 was published May 24, 2022
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any... Moderate Unreviewed
CVE-2019-11737 was published May 24, 2022
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an... Moderate Unreviewed
CVE-2019-12620 was published May 24, 2022
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an... Moderate Unreviewed
CVE-2019-5478 was published May 24, 2022
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file... Moderate Unreviewed
CVE-2019-12804 was published May 24, 2022
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack... Moderate Unreviewed
CVE-2019-1880 was published May 24, 2022
This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions... Moderate Unreviewed
CVE-2019-5431 was published May 24, 2022
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier,... Moderate Unreviewed
CVE-2014-4883 was published May 17, 2022
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity... Moderate Unreviewed
CVE-2015-8254 was published May 17, 2022
The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for... Moderate Unreviewed
CVE-2015-9232 was published May 17, 2022
Insufficient Data Verification in io.really:jwt-scala Moderate
CVE-2017-10862 was published for io.really:jwt-scala (Maven) May 17, 2022
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker... Moderate Unreviewed
CVE-2017-2701 was published May 17, 2022
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle... Moderate Unreviewed
CVE-2017-1773 was published May 14, 2022
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote... Moderate Unreviewed
CVE-2015-0251 was published May 14, 2022
OpenStack Compute (Nova) has Insufficient Verification of Data Authenticity Moderate
CVE-2015-0259 was published for nova (pip) May 14, 2022
Insufficient Verification of Data Authenticity in Apache Tomcat Moderate
CVE-2017-7674 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
tdunlap607 sunSUNQ
A content spoofing vulnerability in the following components allows to render html pages... Moderate Unreviewed
CVE-2018-2434 was published May 13, 2022
Electron vulnerable to URL spoofing via PDFium Moderate
CVE-2017-1000424 was published for Electron (npm) May 13, 2022
jhutchings1
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software... Moderate Unreviewed
CVE-2017-12740 was published May 13, 2022
IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other... Moderate Unreviewed
CVE-2017-1405 was published May 13, 2022
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... Moderate Unreviewed
CVE-2018-10626 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API