GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,816
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,920
npm 4,119
NuGet 735
pip 3,941
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,918

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

105 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed

CVE-2021-29777 was published May 24, 2022

An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience... Moderate Unreviewed

CVE-2021-31927 was published May 24, 2022

Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212... High Unreviewed

CVE-2021-30507 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in... Critical Unreviewed

CVE-2020-4561 was published May 24, 2022

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library)... High Unreviewed

CVE-2021-20443 was published May 24, 2022

If an image had not loaded correctly (such as when it is not actually an image), it could be... Moderate Unreviewed

CVE-2019-17014 was published May 24, 2022

A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace... Moderate Unreviewed

CVE-2019-16951 was published May 24, 2022

A same-origin policy violation occurs allowing the theft of cross-origin images through a... Moderate Unreviewed

CVE-2019-11742 was published May 24, 2022

IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access... Moderate Unreviewed

CVE-2019-4263 was published May 24, 2022

playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. High Unreviewed

CVE-2018-18387 was published May 13, 2022

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated... Critical Unreviewed

CVE-2018-15486 was published May 13, 2022

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance ->... High Unreviewed

CVE-2018-1000502 was published May 13, 2022

The cache directory on the local file system is set to be world writable. Firefox defaults to... Critical Unreviewed

CVE-2017-5397 was published May 13, 2022

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and... Critical Unreviewed

CVE-2017-1376 was published May 13, 2022

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could... High Unreviewed

CVE-2017-14095 was published May 13, 2022

Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by... High Unreviewed

CVE-2018-12120 was published May 13, 2022

Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console... Critical Unreviewed

CVE-2018-17246 was published May 13, 2022

An information disclosure vulnerability exists when affected Microsoft browsers improperly allow... Moderate Unreviewed

CVE-2018-8351 was published May 13, 2022

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a... High Unreviewed

CVE-2019-9829 was published May 13, 2022

In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an... Moderate Unreviewed

CVE-2022-29845 was published May 12, 2022

ruby193 uses an insecure LD_LIBRARY_PATH setting. Low Unreviewed

CVE-2013-1945 was published May 5, 2022

PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2)... High Unreviewed

CVE-2004-0285 was published Apr 29, 2022

PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and ... High Unreviewed

CVE-2004-0030 was published Apr 29, 2022

An attacker with the ability to modify a user program may change user program code on some... Critical Unreviewed

CVE-2022-1161 was published Apr 12, 2022

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts... High Unreviewed

CVE-2022-25485 was published Mar 16, 2022

Previous 1…45 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

105 advisories