GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
121 advisories
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file...
Moderate | Unreviewed | CVE-2019-15613 was published May 24, 2022

com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and...
Moderate | Unreviewed | CVE-2019-20057 was published May 24, 2022

Magento 2 Community Edition Insufficient Logging
Moderate | CVE-2019-8124 was published for magento/community-edition (Composer) May 24, 2022

In SAP NetWeaver Process Integration (AS2 Adapter), before versions 1.0 and 2.0, the attacker is...
Moderate | Unreviewed | CVE-2019-0379 was published May 24, 2022

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why...
Moderate | Unreviewed | CVE-2019-15162 was published May 24, 2022

If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any...
Moderate | Unreviewed | CVE-2019-11737 was published May 24, 2022

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an...
Moderate | Unreviewed | CVE-2019-12620 was published May 24, 2022

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an...
Moderate | Unreviewed | CVE-2019-5478 was published May 24, 2022

In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file...
Moderate | Unreviewed | CVE-2019-12804 was published May 24, 2022

A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack...
Moderate | Unreviewed | CVE-2019-1880 was published May 24, 2022

This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions...
Moderate | Unreviewed | CVE-2019-5431 was published May 24, 2022

resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier,...
Moderate | Unreviewed | CVE-2014-4883 was published May 17, 2022

The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity...
Moderate | Unreviewed | CVE-2015-8254 was published May 17, 2022

The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for...
Moderate | Unreviewed | CVE-2015-9232 was published May 17, 2022

Insufficient Data Verification in io.really:jwt-scala
Moderate | CVE-2017-10862 was published for io.really:jwt-scala (Maven) May 17, 2022

Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker...
Moderate | Unreviewed | CVE-2017-2701 was published May 17, 2022

IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle...
Moderate | Unreviewed | CVE-2017-1773 was published May 14, 2022

The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote...
Moderate | Unreviewed | CVE-2015-0251 was published May 14, 2022

OpenStack Compute (Nova) has Insufficient Verification of Data Authenticity
Moderate | CVE-2015-0259 was published for nova (pip) May 14, 2022

Insufficient Verification of Data Authenticity in Apache Tomcat
Moderate | CVE-2017-7674 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022

A content spoofing vulnerability in the following components allows to render html pages...
Moderate | Unreviewed | CVE-2018-2434 was published May 13, 2022

Electron vulnerable to URL spoofing via PDFium
Moderate | CVE-2017-1000424 was published for Electron (npm) May 13, 2022

Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software...
Moderate | Unreviewed | CVE-2017-12740 was published May 13, 2022

IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other...
Moderate | Unreviewed | CVE-2017-1405 was published May 13, 2022

A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient...
Moderate | Unreviewed | CVE-2018-10626 was published May 13, 2022