GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,516 advisories
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute...
High, Unreviewed: CVE-2013-4782 was published May 17, 2022

The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass...
High, Unreviewed: CVE-2013-4784 was published May 17, 2022

github.com/rancher/steve's users can issue watch commands for arbitrary resources
High: CVE-2024-52280 was published for github.com/rancher/steve (Go), Nov 20, 2024

Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server...
High, Unreviewed: CVE-2022-45431 was published Dec 27, 2022

phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information
High: CVE-2010-4481 was published for phpmyadmin/phpmyadmin (Composer), May 17, 2022

The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A...
High, Unreviewed: CVE-2014-1982 was published May 17, 2022

The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require...
High, Unreviewed: CVE-2014-2609 was published May 17, 2022

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote...
High, Unreviewed: CVE-2014-4725 was published May 17, 2022

ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers...
High, Unreviewed: CVE-2014-8424 was published May 17, 2022

The update function in umbraco.webservices/templates/templateService.cs in the TemplateService...
High, Unreviewed: CVE-2013-4793 was published May 17, 2022

HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management...
High, Unreviewed: CVE-2015-2117 was published May 17, 2022

The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1...
High, Unreviewed: CVE-2015-1486 was published May 17, 2022

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote...
High, Unreviewed: CVE-2014-9605 was published May 14, 2022

Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an...
High, Unreviewed: CVE-2015-6401 was published May 17, 2022

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b,...
High, Unreviewed: CVE-2015-7755 was published May 17, 2022

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require...
High, Unreviewed: CVE-2015-6480 was published May 17, 2022

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys...
High, Unreviewed: CVE-2015-7974 was published May 13, 2022

The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2...
High, Unreviewed: CVE-2016-1402 was published May 17, 2022

The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar...
High, Unreviewed: CVE-2016-1427 was published May 17, 2022

Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x...
High, Unreviewed: CVE-2016-6659 was published May 13, 2022

OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backend
High: CVE-2014-2237 was published for keystone (pip), May 17, 2022

kyverno verifyImages rule bypass possible with malicious proxy/registry
High: CVE-2022-47633 was published for github.com/kyverno/kyverno (Go), Dec 21, 2022

OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass...
High, Unreviewed: CVE-2022-38733 was published Dec 20, 2022

An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. The attacker can...
High, Unreviewed: CVE-2017-5554 was published May 13, 2022

Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
High, Unreviewed: CVE-2017-6104 was published May 13, 2022