Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,246 advisories

Loading
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for... Critical Unreviewed
CVE-2019-10121 was published May 24, 2022
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for... Critical Unreviewed
CVE-2019-10119 was published May 24, 2022
In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a... High Unreviewed
CVE-2019-13338 was published May 24, 2022
Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone... High Unreviewed
CVE-2019-11020 was published May 24, 2022
Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08... High Unreviewed
CVE-2019-11019 was published May 24, 2022
hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the... High Unreviewed
CVE-2019-12174 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain... Moderate Unreviewed
CVE-2019-4337 was published May 24, 2022
Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote... Critical Unreviewed
CVE-2019-13131 was published May 24, 2022
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS)... Moderate Unreviewed
CVE-2019-1876 was published May 24, 2022
A vulnerability in the configuration import utility of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2019-1629 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2019-1631 was published May 24, 2022
RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote... Critical Unreviewed
CVE-2019-12890 was published May 24, 2022
A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs... Moderate Unreviewed
CVE-2017-15123 was published May 24, 2022
Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11,... Moderate Unreviewed
CVE-2019-0312 was published May 24, 2022
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak... High Unreviewed
CVE-2019-3411 was published May 24, 2022
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated... Moderate Unreviewed
CVE-2019-9881 was published May 24, 2022
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with... Critical Unreviewed
CVE-2019-9879 was published May 24, 2022
An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users'... Critical Unreviewed
CVE-2019-9880 was published May 24, 2022
On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. High Unreviewed
CVE-2019-6451 was published May 24, 2022
Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with... Critical Unreviewed
CVE-2019-9871 was published May 24, 2022
An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including... Moderate Unreviewed
CVE-2019-10046 was published May 24, 2022
The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands... Moderate Unreviewed
CVE-2019-12500 was published May 24, 2022
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS)... Critical Unreviewed
CVE-2019-6958 was published May 24, 2022
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ... Critical Unreviewed
CVE-2019-12288 was published May 24, 2022
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580,... Critical Unreviewed
CVE-2019-6808 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database