GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information ...
High
Unreviewed
CVE-2018-16060
was published
May 24, 2022
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz.
This issue affects Apache...
High
Unreviewed
CVE-2024-45195
was published
Sep 4, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39868
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39867
was published
Jul 9, 2024
Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system...
High
Unreviewed
CVE-2004-2144
was published
Apr 29, 2022
YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to...
High
Unreviewed
CVE-2005-1668
was published
May 1, 2022
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users...
High
Unreviewed
CVE-2005-1654
was published
May 1, 2022
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct...
High
Unreviewed
CVE-2005-1685
was published
May 1, 2022
D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as...
High
Unreviewed
CVE-2005-1827
was published
May 1, 2022
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated...
High
Unreviewed
CVE-2021-24831
was published
Jan 4, 2022
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP...
High
Unreviewed
CVE-2022-27480
was published
Apr 13, 2022
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as...
High
Unreviewed
CVE-2022-1077
was published
Mar 30, 2022
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this...
High
Unreviewed
CVE-2023-1682
was published
Mar 29, 2023
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or...
High
Unreviewed
CVE-2019-14347
was published
May 24, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,...
High
Unreviewed
CVE-2018-7526
was published
May 13, 2022
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control...
High
Unreviewed
CVE-2018-18862
was published
May 13, 2022
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by...
High
Unreviewed
CVE-2018-19109
was published
May 13, 2022
OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance),...
High
Unreviewed
CVE-2017-14993
was published
May 13, 2022
A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before...
High
Unreviewed
CVE-2018-6669
was published
May 13, 2022
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote...
High
Unreviewed
CVE-2019-6126
was published
May 13, 2022
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02...
High
Unreviewed
CVE-2019-3916
was published
May 13, 2022
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP...
High
Unreviewed
CVE-2018-16706
was published
May 13, 2022
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to...
High
Unreviewed
CVE-2017-15235
was published
May 13, 2022
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass...
High
Unreviewed
CVE-2019-6551
was published
May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote,...
High
Unreviewed
CVE-2019-3917
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API