Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,164 advisories

Loading
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no... Moderate Unreviewed
CVE-2019-9529 was published May 24, 2022
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can... Moderate Unreviewed
CVE-2019-17353 was published May 24, 2022
A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where... High Unreviewed
CVE-2019-15018 was published May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... High Unreviewed
CVE-2019-17219 was published May 24, 2022
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has... Moderate Unreviewed
CVE-2019-8292 was published May 24, 2022
Victure PC530 devices allow unauthenticated TELNET access as root. Critical Unreviewed
CVE-2019-15940 was published May 24, 2022
In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the... Moderate Unreviewed
CVE-2019-13523 was published May 24, 2022
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any... Moderate Unreviewed
CVE-2019-6652 was published May 24, 2022
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by... Critical Unreviewed
CVE-2019-16199 was published May 24, 2022
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This... High Unreviewed
CVE-2019-15043 was published May 24, 2022
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An... High Unreviewed
CVE-2019-13406 was published May 24, 2022
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker... High Unreviewed
CVE-2019-11061 was published May 24, 2022
Various Lexmark products have Incorrect Access Control (issue 1 of 2). Moderate Unreviewed
CVE-2019-9934 was published May 24, 2022
Various Lexmark products have Incorrect Access Control (issue 2 of 2). Moderate Unreviewed
CVE-2019-9935 was published May 24, 2022
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making... High Unreviewed
CVE-2019-14511 was published May 24, 2022
eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access... Critical Unreviewed
CVE-2019-9585 was published May 24, 2022
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be... Critical Unreviewed
CVE-2019-13101 was published May 24, 2022
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise... Critical Unreviewed
CVE-2019-1895 was published May 24, 2022
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously,... Moderate Unreviewed
CVE-2019-10198 was published May 24, 2022
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the... Moderate Unreviewed
CVE-2019-5451 was published May 24, 2022
Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a... Critical Unreviewed
CVE-2019-13983 was published May 24, 2022
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The... High Unreviewed
CVE-2019-10915 was published May 24, 2022
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for... Critical Unreviewed
CVE-2019-10121 was published May 24, 2022
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for... Critical Unreviewed
CVE-2019-10119 was published May 24, 2022
In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a... High Unreviewed
CVE-2019-13338 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database