GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
197 advisories
Filter by severity
Applications in cf-release before 245 can be configured and pushed with a user-provided custom...
Critical
Unreviewed
CVE-2016-6658
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical
Unreviewed
CVE-2016-10430
was published
May 14, 2022
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have...
Critical
Unreviewed
CVE-2018-10106
was published
May 14, 2022
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web...
Critical
Unreviewed
CVE-2018-9126
was published
May 14, 2022
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login...
Critical
Unreviewed
CVE-2018-10734
was published
May 14, 2022
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the...
Critical
Unreviewed
CVE-2018-10770
was published
May 14, 2022
The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through...
Critical
Unreviewed
CVE-2018-11554
was published
May 14, 2022
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 ...
Critical
Unreviewed
CVE-2018-11036
was published
May 14, 2022
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to...
Critical
Unreviewed
CVE-2018-12336
was published
May 14, 2022
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the...
Critical
Unreviewed
CVE-2018-12557
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-12908
was published
May 14, 2022
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via...
Critical
Unreviewed
CVE-2018-13123
was published
May 14, 2022
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server...
Critical
Unreviewed
CVE-2016-10727
was published
May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical
Unreviewed
CVE-2018-14328
was published
May 14, 2022
The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote...
Critical
Unreviewed
CVE-2018-14685
was published
May 14, 2022
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain...
Critical
Unreviewed
CVE-2014-6437
was published
May 14, 2022
Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the...
Critical
Unreviewed
CVE-2016-3152
was published
May 14, 2022
ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials...
Critical
Unreviewed
CVE-2016-3312
was published
May 14, 2022
Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to...
Critical
Unreviewed
CVE-2018-15534
was published
May 14, 2022
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6...
Critical
Unreviewed
CVE-2017-9000
was published
May 14, 2022
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue,...
Critical
Unreviewed
CVE-2017-18345
was published
May 14, 2022
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or...
Critical
Unreviewed
CVE-2018-16710
was published
May 14, 2022
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and...
Critical
Unreviewed
CVE-2018-12671
was published
May 14, 2022
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers...
Critical
Unreviewed
CVE-2015-2254
was published
May 14, 2022
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu...
Critical
Unreviewed
CVE-2018-12892
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API