GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
120 advisories
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to...
High | Unreviewed | CVE-2017-15235 was published May 13, 2022

LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP...
High | Unreviewed | CVE-2018-16706 was published May 13, 2022

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02...
High | Unreviewed | CVE-2019-3916 was published May 13, 2022

The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote...
High | Unreviewed | CVE-2019-6126 was published May 13, 2022

D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm...
Critical | Unreviewed | CVE-2019-7736 was published May 13, 2022

A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before...
High | Unreviewed | CVE-2018-6669 was published May 13, 2022

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An...
Moderate | Unreviewed | CVE-2020-35570 was published May 24, 2022

"Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows remote attackers to bypass...
Critical | Unreviewed | CVE-2017-10833 was published May 13, 2022

OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance),...
High | Unreviewed | CVE-2017-14993 was published May 13, 2022

Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global...
Critical | Unreviewed | CVE-2017-17736 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate | Unreviewed | CVE-2017-2486 was published May 13, 2022

CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese...
Moderate | Unreviewed | CVE-2017-2139 was published May 13, 2022

CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10...
Moderate | Unreviewed | CVE-2017-2143 was published May 13, 2022

FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory...
Low | Unreviewed | CVE-2017-2161 was published May 13, 2022

An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0...
Moderate | Unreviewed | CVE-2018-11346 was published May 13, 2022

add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an...
Critical | Unreviewed | CVE-2018-18922 was published May 13, 2022

The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows...
Critical | Unreviewed | CVE-2018-19207 was published May 13, 2022

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0...
Moderate | Unreviewed | CVE-2018-19143 was published May 13, 2022

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by...
High | Unreviewed | CVE-2018-19109 was published May 13, 2022

BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control...
High | Unreviewed | CVE-2018-18862 was published May 13, 2022

OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct...
Critical | Unreviewed | CVE-2018-6624 was published May 13, 2022

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,...
High | Unreviewed | CVE-2018-7526 was published May 13, 2022

A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to...
Critical | Unreviewed | CVE-2022-41746 was published Oct 11, 2022

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture...
Moderate | Unreviewed | CVE-2021-24046 was published Jan 15, 2022

Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or...
High | Unreviewed | CVE-2019-14347 was published May 24, 2022