GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,494
Maven: 5,000+
npm: 4,129
NuGet: 735
pip: 3,944
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,874 advisories
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS...
Critical, Unreviewed. CVE-2019-10922 was published May 24, 2022.

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via...
Critical, Unreviewed. CVE-2019-3568 was published May 24, 2022.

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1...
Critical, Unreviewed. CVE-2019-6572 was published May 24, 2022.

Password in config file in KIE server
Critical. CVE-2016-7043 was published for org.kie.server:kie-server-common (Maven) May 24, 2022.

RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to...
Critical, Unreviewed. CVE-2019-3725 was published May 24, 2022.

In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10,...
Critical, Unreviewed. CVE-2019-5597 was published May 24, 2022.

A remote code execution vulnerability exists in Remote Desktop Services formerly known as...
Critical, Unreviewed. CVE-2019-0708 was published May 24, 2022.

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to...
Critical, Unreviewed. CVE-2019-0938 was published May 24, 2022.

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and...
Critical, Unreviewed. CVE-2019-1821 was published May 24, 2022.

An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit...
Critical, Unreviewed. CVE-2018-17181 was published May 24, 2022.

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task...
Critical, Unreviewed. CVE-2018-17179 was published May 24, 2022.

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext...
Critical, Unreviewed. CVE-2018-20839 was published May 24, 2022.

A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote...
Critical, Unreviewed. CVE-2019-0172 was published May 24, 2022.

Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated...
Critical, Unreviewed. CVE-2019-0153 was published May 24, 2022.

GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension.
Critical, Unreviewed. CVE-2019-12158 was published May 24, 2022.

GoHTTP through 2017-07-25 has a sendHeader use-after-free.
Critical, Unreviewed. CVE-2019-12160 was published May 24, 2022.

SimplyBook.me through 2019-05-11 does not properly restrict File Upload which could allow remote...
Critical, Unreviewed. CVE-2019-11887 was published May 24, 2022.

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary...
Critical, Unreviewed. CVE-2019-4279 was published May 24, 2022.

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0...
Critical, Unreviewed. CVE-2019-5883 was published May 24, 2022.

Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information...
Critical, Unreviewed. CVE-2019-5945 was published May 24, 2022.

JR East Japan train operation information push notification App for Android version 1.2.4 and...
Critical, Unreviewed. CVE-2019-5954 was published May 24, 2022.

Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of...
Critical, Unreviewed. CVE-2019-5953 was published May 24, 2022.

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7...
Critical, Unreviewed. CVE-2019-7353 was published May 24, 2022.

The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or...
Critical, Unreviewed. CVE-2019-12240 was published May 24, 2022.

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source...
Critical, Unreviewed. CVE-2019-12241 was published May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.