GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,260 advisories
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an...
Moderate | Unreviewed | CVE-2019-5879 was published May 24, 2022

Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed...
Moderate | Unreviewed | CVE-2019-13716 was published May 24, 2022

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper...
Moderate | Unreviewed | CVE-2019-5231 was published May 24, 2022

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601)...
Moderate | Unreviewed | CVE-2018-18819 was published May 24, 2022

In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter...
Moderate | Unreviewed | CVE-2019-5533 was published May 24, 2022

This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint ...
Moderate | Unreviewed | CVE-2019-6144 was published May 24, 2022

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access...
Critical | Unreviewed | CVE-2019-15941 was published May 24, 2022

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker...
High | Unreviewed | CVE-2019-12671 was published May 24, 2022

A vulnerability in the IOx application environment for Cisco IOS Software could allow an...
High | Unreviewed | CVE-2019-12648 was published May 24, 2022

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,...
Critical | Unreviewed | CVE-2019-14236 was published May 24, 2022

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a...
Critical | Unreviewed | CVE-2019-14237 was published May 24, 2022

A flaw was found in ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure...
High | Unreviewed | CVE-2019-14811 was published May 24, 2022

A flaw was found in ghostscript versions prior to 9.28, in the .pdfexectoken and other...
High | Unreviewed | CVE-2019-14817 was published May 24, 2022

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to...
Moderate | Unreviewed | CVE-2019-8446 was published May 24, 2022

An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader...
High | Unreviewed | CVE-2019-14924 was published May 24, 2022

The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote...
Moderate | Unreviewed | CVE-2018-20826 was published May 24, 2022

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches...
Critical | Unreviewed | CVE-2019-1912 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in...
High | Unreviewed | CVE-2019-13386 was published May 24, 2022

Application permissions give additional remote troubleshooting permission to the site input...
Moderate | Unreviewed | CVE-2019-11724 was published May 24, 2022

Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact...
Moderate | Unreviewed | CVE-2019-1010084 was published May 24, 2022

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system...
Moderate | Unreviewed | CVE-2019-5220 was published May 24, 2022

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed...
Moderate | Unreviewed | CVE-2019-5838 was published May 24, 2022

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
High | Unreviewed | CVE-2019-6582 was published May 24, 2022

Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows...
Moderate | Unreviewed | CVE-2019-12492 was published May 24, 2022

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5...
High | Unreviewed | CVE-2018-13382 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.