Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,160 advisories

Loading
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point... Critical Unreviewed
CVE-2018-5393 was published May 13, 2022
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2... High Unreviewed
CVE-2018-7357 was published May 13, 2022
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060... High Unreviewed
CVE-2019-6542 was published May 13, 2022
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly... Critical Unreviewed
CVE-2019-6543 was published May 13, 2022
Registers used to store Modbus values can be read and written from the web interface without... Critical Unreviewed
CVE-2019-6533 was published May 13, 2022
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation... Moderate Unreviewed
CVE-2011-3055 was published May 13, 2022
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and... High Unreviewed
CVE-2017-3209 was published May 13, 2022
With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests... Moderate Unreviewed
CVE-2016-10364 was published May 13, 2022
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check,... Critical Unreviewed
CVE-2019-9974 was published May 13, 2022
Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC... Critical Unreviewed
CVE-2019-9201 was published May 13, 2022
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows... High Unreviewed
CVE-2019-9484 was published May 13, 2022
An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a... Critical Unreviewed
CVE-2019-9125 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03.... High Unreviewed
CVE-2019-7389 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There... High Unreviewed
CVE-2019-7390 was published May 13, 2022
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via... High Unreviewed
CVE-2019-3941 was published May 13, 2022
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of... High Unreviewed
CVE-2019-10946 was published May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... High Unreviewed
CVE-2019-10042 was published May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed
CVE-2019-10041 was published May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed
CVE-2019-10040 was published May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed
CVE-2019-10039 was published May 13, 2022
Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced)... Critical Unreviewed
CVE-2019-0261 was published May 13, 2022
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for... Critical Unreviewed
CVE-2019-0246 was published May 13, 2022
A missing authentication for appliance registration vulnerability in Trend Micro Email Encryption... Critical Unreviewed
CVE-2018-6223 was published May 13, 2022
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web... High Unreviewed
CVE-2018-20220 was published May 13, 2022
The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and... Critical Unreviewed
CVE-2018-19248 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database