GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,972
Erlang: 29
GitHub Actions: 16
Go: 1,762
Maven: 4,983
npm: 3,518
NuGet: 609
pip: 3,094
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
100,773 advisories
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated...
Moderate | Unreviewed | CVE-2019-20016 was published May 24, 2022

Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac...
Moderate | Unreviewed | CVE-2019-6031 was published May 24, 2022

Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers...
Moderate | Unreviewed | CVE-2019-6029 was published May 24, 2022

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated...
Moderate | Unreviewed | CVE-2019-6022 was published May 24, 2022

Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier ...
Moderate | Unreviewed | CVE-2019-6020 was published May 24, 2022

Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows...
Moderate | Unreviewed | CVE-2019-6021 was published May 24, 2022

Cross-site scripting vulnerability in NetCommons 3.2.2 and earlier (NetCommons3.x) allows remote...
Moderate | Unreviewed | CVE-2019-6018 was published May 24, 2022

REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to ...
Moderate | Unreviewed | CVE-2019-6017 was published May 24, 2022

Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote...
Moderate | Unreviewed | CVE-2019-6011 was published May 24, 2022

Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12...
Moderate | Unreviewed | CVE-2019-6016 was published May 24, 2022

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for...
Moderate | Unreviewed | CVE-2019-19981 was published May 24, 2022

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw...
Moderate | Unreviewed | CVE-2019-19980 was published May 24, 2022

In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.
Moderate | Unreviewed | CVE-2019-19960 was published May 24, 2022

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas...
Moderate | Unreviewed | CVE-2019-19965 was published May 24, 2022

An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is...
Moderate | Unreviewed | CVE-2019-19963 was published May 24, 2022

Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26...
Moderate | Unreviewed | CVE-2019-18249 was published May 24, 2022

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1...
Moderate | Unreviewed | CVE-2019-6688 was published May 24, 2022

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic...
Moderate | Unreviewed | CVE-2019-6686 was published May 24, 2022

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare...
Moderate | Unreviewed | CVE-2019-6147 was published May 24, 2022

On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM...
Moderate | Unreviewed | CVE-2019-6678 was published May 24, 2022

All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information...
Moderate | Unreviewed | CVE-2019-3430 was published May 24, 2022

A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon...
Moderate | Unreviewed | CVE-2019-19337 was published May 24, 2022

On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11...
Moderate | Unreviewed | CVE-2019-19151 was published May 24, 2022

3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4...
Moderate | Unreviewed | CVE-2019-19789 was published May 24, 2022

A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker...
Moderate | Unreviewed | CVE-2019-15584 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.