GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
869 advisories
Filter by severity
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing...
Critical
Unreviewed
CVE-2018-5338
was published
May 14, 2022
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers...
Critical
Unreviewed
CVE-2016-2004
was published
May 14, 2022
Missing Authentication for Critical Function in Apache Cassandra
Critical
CVE-2018-8016
was published
for
org.apache.cassandra:cassandra-all
(Maven)
May 13, 2022
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire...
High
Unreviewed
CVE-2018-5486
was published
May 13, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient...
Critical
Unreviewed
CVE-2018-5339
was published
May 13, 2022
A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4...
High
Unreviewed
CVE-2018-4838
was published
May 13, 2022
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's...
High
Unreviewed
CVE-2018-18264
was published
May 13, 2022
Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows...
Moderate
Unreviewed
CVE-2018-16758
was published
May 13, 2022
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's...
Critical
Unreviewed
CVE-2017-7315
was published
May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and...
Critical
Unreviewed
CVE-2017-6409
was published
May 13, 2022
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges...
Critical
Unreviewed
CVE-2017-4919
was published
May 13, 2022
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating...
High
Unreviewed
CVE-2017-3819
was published
May 13, 2022
The 'Find Phone' function in Nice smartphones with software versions earlier before Nice...
Moderate
Unreviewed
CVE-2017-2708
was published
May 13, 2022
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an...
Critical
Unreviewed
CVE-2017-18001
was published
May 13, 2022
Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow...
Moderate
Unreviewed
CVE-2017-17747
was published
May 13, 2022
Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with...
High
Unreviewed
CVE-2017-17746
was published
May 13, 2022
Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611...
High
Unreviewed
CVE-2017-16241
was published
May 13, 2022
IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized...
High
Unreviewed
CVE-2017-1523
was published
May 13, 2022
register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not...
Critical
Unreviewed
CVE-2017-14417
was published
May 13, 2022
Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel...
Critical
Unreviewed
CVE-2017-12822
was published
May 13, 2022
An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe...
High
Unreviewed
CVE-2017-12720
was published
May 13, 2022
Openstack Aodh can be used to launder Keystone trusts
High
CVE-2017-12440
was published
for
aodh
(pip)
May 13, 2022
Openstack tripleo-heat-templates unauthenticated file access
Moderate
CVE-2017-12155
was published
for
tripleo-heat-templates
(pip)
May 13, 2022
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:...
High
Unreviewed
CVE-2017-10271
was published
May 13, 2022
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks...
Moderate
Unreviewed
CVE-2016-9496
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API