GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
269 advisories
Filter by severity
An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows...
Critical
Unreviewed
CVE-2022-24259
was published
Feb 10, 2022
Windows Hyper-V Elevation of Privilege Vulnerability.
Critical
Unreviewed
CVE-2022-21901
was published
Jan 12, 2022
Phone Manager application has a Improper Privilege Management vulnerability.Successful...
Critical
Unreviewed
CVE-2021-39982
was published
Jan 4, 2022
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability.
Critical
Unreviewed
CVE-2022-37968
was published
Oct 12, 2022
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows...
Critical
Unreviewed
CVE-2012-5376
was published
May 13, 2022
Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of...
Critical
Unreviewed
CVE-2018-9853
was published
May 13, 2022
An access issue was addressed with additional sandbox restrictions. This issue affected versions...
Critical
Unreviewed
CVE-2018-4310
was published
May 13, 2022
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site...
Critical
Unreviewed
CVE-2018-12596
was published
May 13, 2022
I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in...
Critical
Unreviewed
CVE-2018-1000141
was published
May 13, 2022
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06...
Critical
Unreviewed
CVE-2017-6342
was published
May 13, 2022
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can...
Critical
Unreviewed
CVE-2017-5624
was published
May 13, 2022
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,...
Critical
Unreviewed
CVE-2017-5142
was published
May 13, 2022
EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a...
Critical
Unreviewed
CVE-2017-4982
was published
May 13, 2022
An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read...
Critical
Unreviewed
CVE-2017-14349
was published
May 13, 2022
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is...
Critical
Unreviewed
CVE-2017-12635
was published
May 13, 2022
ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check...
Critical
Unreviewed
CVE-2017-1000003
was published
May 13, 2022
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall...
Critical
Unreviewed
CVE-2018-0425
was published
May 13, 2022
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions...
Critical
Unreviewed
CVE-2017-9944
was published
May 13, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version,...
Critical
Unreviewed
CVE-2018-19725
was published
May 13, 2022
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId...
Critical
Unreviewed
CVE-2017-7312
was published
May 13, 2022
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated...
Critical
Unreviewed
CVE-2018-10143
was published
May 13, 2022
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4,...
Critical
Unreviewed
CVE-2014-1510
was published
May 13, 2022
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey...
Critical
Unreviewed
CVE-2014-1511
was published
May 13, 2022
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers...
Critical
Unreviewed
CVE-2017-13707
was published
May 13, 2022
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not...
Critical
Unreviewed
CVE-2021-38759
was published
Dec 8, 2021
ProTip!
Advisories are also available from the
GraphQL API