GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
26,879 advisories
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet...
Critical | Unreviewed | CVE-2019-11365 was published May 24, 2022
app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 has SQL injection via the Post...
Critical | Unreviewed | CVE-2019-11362 was published May 24, 2022
BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow via a long prefix that is...
Critical | Unreviewed | CVE-2019-11371 was published May 24, 2022
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is...
Critical | Unreviewed | CVE-2019-11235 was published May 24, 2022
A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and...
Critical | Unreviewed | CVE-2018-20818 was published May 24, 2022
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a ...
Critical | Unreviewed | CVE-2019-11234 was published May 24, 2022
In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password...
Critical | Unreviewed | CVE-2019-11403 was published May 24, 2022
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in...
Critical | Unreviewed | CVE-2019-11402 was published May 24, 2022
An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged...
Critical | Unreviewed | CVE-2019-11393 was published May 24, 2022
A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a...
Critical | Unreviewed | CVE-2019-11395 was published May 24, 2022
An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations...
Critical | Unreviewed | CVE-2019-11411 was published May 24, 2022
system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source...
Critical | Unreviewed | CVE-2019-11417 was published May 24, 2022
apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to...
Critical | Unreviewed | CVE-2019-11418 was published May 24, 2022
An issue was discovered in Zoho ManageEngine Applications Manager 11.0 through 14.0. An...
Critical | Unreviewed | CVE-2019-11448 was published May 24, 2022
whatsns 4.0 allows index.php?question/ajaxadd.html title SQL injection.
Critical | Unreviewed | CVE-2019-11450 was published May 24, 2022
The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for...
Critical | Unreviewed | CVE-2015-1320 was published May 24, 2022
UDM provides support for running commands after a download is completed, this is currently made...
Critical | Unreviewed | CVE-2016-1579 was published May 24, 2022
In all versions of AppArmor mount rules are accidentally widened when compiled.
Critical | Unreviewed | CVE-2016-1585 was published May 24, 2022
It was found that default configuration of Heketi does not require any authentication potentially...
Critical | Unreviewed | CVE-2019-3899 was published May 24, 2022
The Zalora application 6.15.1 for Android stores confidential information insecurely on the...
Critical | Unreviewed | CVE-2019-11384 was published May 24, 2022
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker...
Critical | Unreviewed | CVE-2019-11383 was published May 24, 2022
Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.
Critical | Unreviewed | CVE-2019-11076 was published May 24, 2022
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32...
Critical | Unreviewed | CVE-2019-11460 was published May 24, 2022
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are...
Critical | Unreviewed | CVE-2019-2517 was published May 24, 2022
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:...
Critical | Unreviewed | CVE-2019-2645 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.