Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,511
Maven
5,000+
npm
4,149
NuGet
736
pip
3,949
Pub
12
RubyGems
946
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

312 advisories

Loading
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to... High Unreviewed
CVE-2016-2309 was published May 17, 2022
Configuration and database backup archives are not signed or validated in Trend Micro Deep... High Unreviewed
CVE-2017-11379 was published May 17, 2022
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and... High Unreviewed
CVE-2014-2718 was published May 17, 2022
The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for... Moderate Unreviewed
CVE-2015-9232 was published May 17, 2022
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker... Moderate Unreviewed
CVE-2017-2701 was published May 17, 2022
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific... High Unreviewed
CVE-2017-14091 was published May 14, 2022
scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module... High Unreviewed
CVE-2014-8165 was published May 14, 2022
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle... Moderate Unreviewed
CVE-2017-1773 was published May 14, 2022
Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings... High Unreviewed
CVE-2018-10080 was published May 14, 2022
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer... High Unreviewed
CVE-2015-4674 was published May 14, 2022
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it... High Unreviewed
CVE-2016-1493 was published May 14, 2022
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote... Moderate Unreviewed
CVE-2015-0251 was published May 14, 2022
Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An... High Unreviewed
CVE-2018-7932 was published May 13, 2022
totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive... High Unreviewed
CVE-2018-6562 was published May 13, 2022
A content spoofing vulnerability in the following components allows to render html pages... Moderate Unreviewed
CVE-2018-2434 was published May 13, 2022
Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS)... High Unreviewed
CVE-2018-12333 was published May 13, 2022
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by... High Unreviewed
CVE-2017-9606 was published May 13, 2022
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e... High Unreviewed
CVE-2017-17023 was published May 13, 2022
In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to... High Unreviewed
CVE-2017-11178 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed
CVE-2017-11130 was published May 13, 2022
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local... High Unreviewed
CVE-2017-0563 was published May 13, 2022
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and... Critical Unreviewed
CVE-2015-3956 was published May 13, 2022
Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in... High Unreviewed
CVE-2017-10624 was published May 13, 2022
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software... Moderate Unreviewed
CVE-2017-12740 was published May 13, 2022
IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other... Moderate Unreviewed
CVE-2017-1405 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database