GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
869 advisories
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3...
High | Unreviewed | CVE-2018-4840 was published May 13, 2022
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain...
High | Unreviewed | CVE-2019-5514 was published May 13, 2022
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable...
Critical | Unreviewed | CVE-2017-2637 was published May 13, 2022
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass...
Critical | Unreviewed | CVE-2015-2888 was published May 13, 2022
The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for...
Moderate | Unreviewed | CVE-2014-2590 was published May 13, 2022
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and...
Moderate | Unreviewed | CVE-2022-0424 was published May 10, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Critical | Unreviewed | CVE-2022-1388 was published May 6, 2022
On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to...
Moderate | Unreviewed | CVE-2022-27495 was published May 6, 2022
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass...
High | Unreviewed | CVE-2007-0956 was published May 3, 2022
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An...
High | Unreviewed | CVE-2018-17924 was published May 3, 2022
Multiple Version of TRUMPF TruTops products expose a service function without necessary...
Critical | Unreviewed | CVE-2022-1300 was published May 3, 2022
admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user...
High | Unreviewed | CVE-2009-1780 was published May 2, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server...
High | Unreviewed | CVE-2002-1810 was published Apr 30, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with...
High | Unreviewed | CVE-2004-0213 was published Apr 29, 2022
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote...
Critical | Unreviewed | CVE-2022-28719 was published Apr 29, 2022
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior...
High | Unreviewed | CVE-2021-25094 was published Apr 26, 2022
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in...
Moderate | Unreviewed | CVE-2012-2736 was published Apr 23, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module.
High | Unreviewed | CVE-2011-4322 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank...
High | Unreviewed | CVE-2011-2187 was published Apr 22, 2022
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a...
Critical | Unreviewed | CVE-2006-0062 was published Apr 21, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical | Unreviewed | CVE-2022-0993 was published Apr 20, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical | Unreviewed | CVE-2022-0992 was published Apr 20, 2022
The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry...
Moderate | Unreviewed | CVE-2022-0140 was published Apr 13, 2022
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging....
Moderate | Unreviewed | CVE-2022-0878 was published Apr 13, 2022
ProTip! Advisories are also available from the GraphQL API.