GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
26,879 advisories
JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain the Wi-Fi password...
Critical, Unreviewed. CVE-2019-7745 was published May 24, 2022

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and...
Critical, Unreviewed. CVE-2018-5409 was published May 24, 2022

The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881...
Critical, Unreviewed. CVE-2019-10712 was published May 24, 2022

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to...
Critical, Unreviewed. CVE-2019-2046 was published May 24, 2022

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion....
Critical, Unreviewed. CVE-2019-2047 was published May 24, 2022

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check....
Critical, Unreviewed. CVE-2019-2045 was published May 24, 2022

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the ...
Critical, Unreviewed. CVE-2019-5021 was published May 24, 2022

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not...
Critical, Unreviewed. CVE-2019-9505 was published May 24, 2022

An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk...
Critical, Unreviewed. CVE-2019-7442 was published May 24, 2022

https://www.joomlaextensions.co.in/ Joomla! Component Appointment 1.1 is affected by: SQL...
Critical, Unreviewed. CVE-2017-12758 was published May 24, 2022

Certain Ambit Technologies Pvt. Ltd products are affected by: SQL Injection. This affects iTech...
Critical, Unreviewed. CVE-2017-12757 was published May 24, 2022

Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by:...
Critical, Unreviewed. CVE-2017-12759 was published May 24, 2022

cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
Critical, Unreviewed. CVE-2019-11834 was published May 24, 2022

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after...
Critical, Unreviewed. CVE-2019-11839 was published May 24, 2022

The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary...
Critical, Unreviewed. CVE-2019-11353 was published May 24, 2022

PharStreamWrapper for Typo3 unsafe deserialization vulnerability
Critical. CVE-2019-11830 was published for typo3/phar-stream-wrapper (Composer) May 24, 2022

cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
Critical, Unreviewed. CVE-2019-11835 was published May 24, 2022

OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation).
Critical, Unreviewed. CVE-2017-12795 was published May 24, 2022

A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project...
Critical, Unreviewed. CVE-2015-1006 was published May 24, 2022

A command injection vulnerability is present that permits an unauthenticated user with access to...
Critical, Unreviewed. CVE-2018-7084 was published May 24, 2022

A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy...
Critical, Unreviewed. CVE-2018-7120 was published May 24, 2022

Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a...
Critical, Unreviewed. CVE-2019-11059 was published May 24, 2022

openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request...
Critical, Unreviewed. CVE-2019-11066 was published May 24, 2022

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an...
Critical, Unreviewed. CVE-2019-1867 was published May 24, 2022

An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and...
Critical, Unreviewed. CVE-2018-15128 was published May 24, 2022