Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... High Unreviewed
CVE-2019-14927 was published May 24, 2022
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the... Moderate Unreviewed
CVE-2019-13525 was published May 24, 2022
HiNet GPON firmware version < I040GWR190731 allows an attacker login to device without any... Critical Unreviewed
CVE-2019-15064 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2019-15282 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no... Moderate Unreviewed
CVE-2019-9529 was published May 24, 2022
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can... Moderate Unreviewed
CVE-2019-17353 was published May 24, 2022
A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where... High Unreviewed
CVE-2019-15018 was published May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... High Unreviewed
CVE-2019-17219 was published May 24, 2022
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has... Moderate Unreviewed
CVE-2019-8292 was published May 24, 2022
Victure PC530 devices allow unauthenticated TELNET access as root. Critical Unreviewed
CVE-2019-15940 was published May 24, 2022
In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the... Moderate Unreviewed
CVE-2019-13523 was published May 24, 2022
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any... Moderate Unreviewed
CVE-2019-6652 was published May 24, 2022
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by... Critical Unreviewed
CVE-2019-16199 was published May 24, 2022
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This... High Unreviewed
CVE-2019-15043 was published May 24, 2022
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An... High Unreviewed
CVE-2019-13406 was published May 24, 2022
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker... High Unreviewed
CVE-2019-11061 was published May 24, 2022
Various Lexmark products have Incorrect Access Control (issue 1 of 2). Moderate Unreviewed
CVE-2019-9934 was published May 24, 2022
Various Lexmark products have Incorrect Access Control (issue 2 of 2). Moderate Unreviewed
CVE-2019-9935 was published May 24, 2022
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making... High Unreviewed
CVE-2019-14511 was published May 24, 2022
eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access... Critical Unreviewed
CVE-2019-9585 was published May 24, 2022
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be... Critical Unreviewed
CVE-2019-13101 was published May 24, 2022
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise... Critical Unreviewed
CVE-2019-1895 was published May 24, 2022
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously,... Moderate Unreviewed
CVE-2019-10198 was published May 24, 2022
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the... Moderate Unreviewed
CVE-2019-5451 was published May 24, 2022
Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a... Critical Unreviewed
CVE-2019-13983 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database