GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
148 advisories
Filter by severity
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS...
High
Unreviewed
CVE-2017-11344
was published
May 17, 2022
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware...
High
Unreviewed
CVE-2017-11345
was published
May 17, 2022
Improper administrator IP validation after his login in the HTTPd server in all current versions ...
High
Unreviewed
CVE-2017-15653
was published
May 14, 2022
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other...
High
Unreviewed
CVE-2014-9583
was published
May 14, 2022
Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11...
High
Unreviewed
CVE-2017-5705
was published
May 14, 2022
Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker...
High
Unreviewed
CVE-2017-5706
was published
May 14, 2022
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker...
High
Unreviewed
CVE-2017-5707
was published
May 14, 2022
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x...
High
Unreviewed
CVE-2017-5712
was published
May 14, 2022
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine...
High
Unreviewed
CVE-2017-5711
was published
May 14, 2022
Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46...
High
Unreviewed
CVE-2018-0647
was published
May 14, 2022
Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote...
High
Unreviewed
CVE-2018-15887
was published
May 14, 2022
Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3...
High
Unreviewed
CVE-2018-17023
was published
May 14, 2022
blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers...
High
Unreviewed
CVE-2018-17127
was published
May 14, 2022
ASUS HG100 devices allow denial of service via an IPv4 packet flood.
High
Unreviewed
CVE-2018-11492
was published
May 13, 2022
Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT...
High
Unreviewed
CVE-2017-6549
was published
May 13, 2022
Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows...
High
Unreviewed
CVE-2017-5710
was published
May 13, 2022
Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11...
High
Unreviewed
CVE-2017-5708
was published
May 13, 2022
Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows...
High
Unreviewed
CVE-2017-5709
was published
May 13, 2022
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4...
High
Unreviewed
CVE-2017-15656
was published
May 13, 2022
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380...
High
Unreviewed
CVE-2017-15654
was published
May 13, 2022
ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. A normal user can...
High
Unreviewed
CVE-2017-12592
was published
May 13, 2022
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web...
High
Unreviewed
CVE-2016-6557
was published
May 13, 2022
Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-AC5300 and earlier for ASUS...
High
Unreviewed
CVE-2017-12754
was published
May 13, 2022
Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS...
High
Unreviewed
CVE-2018-5721
was published
May 13, 2022
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read...
High
Unreviewed
CVE-2018-18535
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API