GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
26,879 advisories
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to...
Critical | Unreviewed | CVE-2019-3932 was published May 24, 2022
gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling...
Critical | Unreviewed | CVE-2019-11627 was published May 24, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials...
Critical | Unreviewed | CVE-2019-3939 was published May 24, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a...
Critical | Unreviewed | CVE-2019-3935 was published May 24, 2022
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by...
Critical | Unreviewed | CVE-2017-18368 was published May 24, 2022
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user...
Critical | Unreviewed | CVE-2017-18371 was published May 24, 2022
The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection...
Critical | Unreviewed | CVE-2017-18369 was published May 24, 2022
An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover)...
Critical | Unreviewed | CVE-2018-16988 was published May 24, 2022
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of...
Critical | Unreviewed | CVE-2018-16716 was published May 24, 2022
The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224...
Critical | Unreviewed | CVE-2019-11677 was published May 24, 2022
The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is...
Critical | Unreviewed | CVE-2019-11678 was published May 24, 2022
A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute...
Critical | Unreviewed | CVE-2019-11682 was published May 24, 2022
A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 through 2.2.26 legacy...
Critical | Unreviewed | CVE-2018-16717 was published May 24, 2022
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x through 5.0.11 allows...
Critical | Unreviewed | CVE-2019-11683 was published May 24, 2022
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2...
Critical | Unreviewed | CVE-2019-11036 was published May 24, 2022
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in...
Critical | Unreviewed | CVE-2019-11037 was published May 24, 2022
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric...
Critical | Unreviewed | CVE-2019-1804 was published May 24, 2022
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the...
Critical | Unreviewed | CVE-2019-11766 was published May 24, 2022
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to...
Critical | Unreviewed | CVE-2018-13990 was published May 24, 2022
An attacker could send a specifically crafted payload to the XML-RPC invocation script and...
Critical | Unreviewed | CVE-2019-5434 was published May 24, 2022
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
Critical | Unreviewed | CVE-2018-14485 was published May 24, 2022
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext...
Critical | Unreviewed | CVE-2018-13992 was published May 24, 2022
A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models...
Critical | Unreviewed | CVE-2019-11560 was published May 24, 2022
A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1...
Critical | Unreviewed | CVE-2018-6634 was published May 24, 2022
An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password...
Critical | Unreviewed | CVE-2019-7564 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.