GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
900 advisories
Apache Struts vulnerable to arbitrary remote code execution due to improper input validation
Critical | CVE-2016-3087 was published for org.apache.struts:struts2-core (Maven) | May 14, 2022

Arbitrary code execution in Apache Struts 2
Critical | CVE-2016-4438 was published for org.apache.struts:struts2-core (Maven) | May 14, 2022

In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs...
Critical | Unreviewed | CVE-2018-7784 was published | May 13, 2022

antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid...
Critical | Unreviewed | CVE-2018-7739 was published | May 13, 2022

Etherpad Lite Access Restriction Bypass
Critical | CVE-2018-6835 was published for ep_etherpad-lite (npm) | May 13, 2022

Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0...
Critical | Unreviewed | CVE-2018-17472 was published | May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8123 was published | May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8128 was published | May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8126 was published | May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8129 was published | May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8120 was published | May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8119 was published | May 13, 2022

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8117 was published | May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8122 was published | May 13, 2022

The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8124 was published | May 13, 2022

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which...
Critical | Unreviewed | CVE-2017-16935 was published | May 13, 2022

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7...
Critical | Unreviewed | CVE-2017-11771 was published | May 13, 2022

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2...
Critical | Unreviewed | CVE-2017-11402 was published | May 13, 2022

In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can...
Critical | Unreviewed | CVE-2017-10700 was published | May 13, 2022

The set_version script as shipped with obs-service-set_version is a source validator for the Open...
Critical | Unreviewed | CVE-2014-0593 was published | May 13, 2022

A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x...
Critical | Unreviewed | CVE-2014-9186 was published | May 13, 2022

SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000...
Critical | Unreviewed | CVE-2016-6567 was published | May 13, 2022

Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the...
Critical | Unreviewed | CVE-2017-0915 was published | May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the...
Critical | Unreviewed | CVE-2017-0916 was published | May 13, 2022

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a...
Critical | Unreviewed | CVE-2017-12240 was published | May 13, 2022
ProTip! Advisories are also available from the GraphQL API.