GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,859 advisories
SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from...
Critical | Unreviewed | CVE-2020-6198 was published May 24, 2022

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c...
Critical | Unreviewed | CVE-2020-7043 was published May 24, 2022

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may execute arbitrary system...
Critical | Unreviewed | CVE-2019-12511 was published May 24, 2022

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP...
Critical | Unreviewed | CVE-2015-5741 was published May 24, 2022

A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the...
Critical | Unreviewed | CVE-2019-17096 was published May 24, 2022

A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2...
Critical | Unreviewed | CVE-2019-17095 was published May 24, 2022

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x...
Critical | Unreviewed | CVE-2015-0244 was published May 24, 2022

Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23...
Critical | Unreviewed | CVE-2015-4042 was published May 24, 2022

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS...
Critical | Unreviewed | CVE-2019-19841 was published May 24, 2022

Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64...
Critical | Unreviewed | CVE-2020-5505 was published May 24, 2022

The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors...
Critical | Unreviewed | CVE-2015-8367 was published May 24, 2022

M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability....
Critical | Unreviewed | CVE-2019-19398 was published May 24, 2022

Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and...
Critical | Unreviewed | CVE-2019-12567 was published May 24, 2022

All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems...
Critical | Unreviewed | CVE-2019-3431 was published May 24, 2022

Equinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an...
Critical | Unreviewed | CVE-2019-18234 was published May 24, 2022

NetHack before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines...
Critical | Unreviewed | CVE-2019-19905 was published May 24, 2022

The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP...
Critical | Unreviewed | CVE-2019-19782 was published May 24, 2022

Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and...
Critical | Unreviewed | CVE-2019-19790 was published May 24, 2022

An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such...
Critical | Unreviewed | CVE-2019-18802 was published May 24, 2022

The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and...
Critical | Unreviewed | CVE-2019-17364 was published May 24, 2022

processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2...
Critical | Unreviewed | CVE-2019-16730 was published May 24, 2022

Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2019-3951 was published May 24, 2022

An exploitable code execution vulnerability exists in the DICOM network response functionality of...
Critical | Unreviewed | CVE-2019-5093 was published May 24, 2022

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2019-3989 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An...
Critical | Unreviewed | CVE-2019-18325 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.