Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110... Critical Unreviewed
CVE-2018-7095 was published May 13, 2022
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:... Critical Unreviewed
CVE-2018-3201 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue... Critical Unreviewed
CVE-2018-4110 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue... Critical Unreviewed
CVE-2018-4091 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10... Critical Unreviewed
CVE-2018-4115 was published May 13, 2022
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e... Critical Unreviewed
CVE-2018-7702 was published May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... Critical Unreviewed
CVE-2018-3594 was published May 13, 2022
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are... Critical Unreviewed
CVE-2018-3259 was published May 13, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient... Critical Unreviewed
CVE-2018-5339 was published May 13, 2022
Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to... Critical Unreviewed
CVE-2018-3641 was published May 13, 2022
An access issue was addressed with additional sandbox restrictions. This issue affected versions... Critical Unreviewed
CVE-2018-4310 was published May 13, 2022
In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules... Critical Unreviewed
CVE-2018-5506 was published May 13, 2022
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file... Critical Unreviewed
CVE-2018-8755 was published May 13, 2022
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security... Critical Unreviewed
CVE-2018-8936 was published May 13, 2022
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for... Critical Unreviewed
CVE-2018-8931 was published May 13, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to... Critical Unreviewed
CVE-2018-6017 was published May 13, 2022
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus,... Critical Unreviewed
CVE-2018-9995 was published May 13, 2022
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon... Critical Unreviewed
CVE-2018-7811 was published May 13, 2022
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:... Critical Unreviewed
CVE-2018-3245 was published May 13, 2022
The Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT... Critical Unreviewed
CVE-2018-6873 was published May 13, 2022
An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network... Critical Unreviewed
CVE-2018-7245 was published May 13, 2022
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged... Critical Unreviewed
CVE-2018-5328 was published May 13, 2022
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the... Critical Unreviewed
CVE-2018-5347 was published May 13, 2022
The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle... Critical Unreviewed
CVE-2012-1516 was published May 13, 2022
In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs... Critical Unreviewed
CVE-2018-7784 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database