Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

242 advisories

Loading
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page... High Unreviewed
CVE-2017-12576 was published May 13, 2022
Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote... High Unreviewed
CVE-2017-11382 was published May 13, 2022
Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having... High Unreviewed
CVE-2017-0367 was published May 13, 2022
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on... High Unreviewed
CVE-2017-16598 was published May 13, 2022
This vulnerability allows remote attackers to execute code by creating arbitrary files on... High Unreviewed
CVE-2017-16606 was published May 13, 2022
This vulnerability allows remote attackers to execute code by creating arbitrary files on... High Unreviewed
CVE-2017-16603 was published May 13, 2022
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated... High Unreviewed
CVE-2018-1840 was published May 13, 2022
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection... High Unreviewed
CVE-2012-1846 was published May 13, 2022
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script... High Unreviewed
CVE-2019-8308 was published May 13, 2022
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include... High Unreviewed
CVE-2018-6910 was published May 13, 2022
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the... High Unreviewed
CVE-2013-4480 was published May 13, 2022
An attacker, who gained elevated privileges via some other vulnerability, may be able to read... High Unreviewed
CVE-2021-26366 was published May 13, 2022
Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify... High Unreviewed
CVE-2021-26317 was published May 13, 2022
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded... High Unreviewed
CVE-2021-27770 was published May 13, 2022
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information... High Unreviewed
CVE-2022-29500 was published May 6, 2022
Monkey HTTP Daemon has local security bypass High Unreviewed
CVE-2013-2183 was published May 5, 2022
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25... High Unreviewed
CVE-2013-4374 was published May 5, 2022
A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On... High Unreviewed
CVE-2022-22783 was published Apr 29, 2022
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version... High Unreviewed
CVE-2022-27257 was published Apr 16, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25755 was published Apr 13, 2022
BeyondTrust AppGuard Enterprise through 6.6.20.2 creates a Temporary File in a Directory with... High Unreviewed
CVE-2021-42255 was published Apr 13, 2022
Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local... High Unreviewed
CVE-2022-24411 was published Apr 13, 2022
A remote, unauthenticated attacker could utilize the control programmer of the CODESYS Control... High Unreviewed
CVE-2022-22515 was published Apr 8, 2022
Verizon LVSKIHP 5G outside devices through 2022-02-15 allow anyone (knowing the device's serial... High Unreviewed
CVE-2022-28376 was published Apr 4, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to... High Unreviewed
CVE-2022-22331 was published Apr 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database