GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,268
Erlang
31
GitHub Actions
21
Go
2,043
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
951 advisories
Filter by severity
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank...
High
Unreviewed
CVE-2011-2187
was published
Apr 22, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module.
High
Unreviewed
CVE-2011-4322
was published
Apr 22, 2022
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in...
Moderate
Unreviewed
CVE-2012-2736
was published
Apr 23, 2022
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior...
High
Unreviewed
CVE-2021-25094
was published
Apr 26, 2022
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote...
Critical
Unreviewed
CVE-2022-28719
was published
Apr 29, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with...
High
Unreviewed
CVE-2004-0213
was published
Apr 29, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server...
High
Unreviewed
CVE-2002-1810
was published
Apr 30, 2022
admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user...
High
Unreviewed
CVE-2009-1780
was published
May 2, 2022
Multiple Version of TRUMPF TruTops products expose a service function without necessary...
Critical
Unreviewed
CVE-2022-1300
was published
May 3, 2022
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An...
High
Unreviewed
CVE-2018-17924
was published
May 3, 2022
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass...
High
Unreviewed
CVE-2007-0956
was published
May 3, 2022
On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to...
Moderate
Unreviewed
CVE-2022-27495
was published
May 6, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Critical
Unreviewed
CVE-2022-1388
was published
May 6, 2022
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and...
Moderate
Unreviewed
CVE-2022-0424
was published
May 10, 2022
The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for...
Moderate
Unreviewed
CVE-2014-2590
was published
May 13, 2022
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass...
Critical
Unreviewed
CVE-2015-2888
was published
May 13, 2022
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable...
Critical
Unreviewed
CVE-2017-2637
was published
May 13, 2022
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain...
High
Unreviewed
CVE-2019-5514
was published
May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3...
High
Unreviewed
CVE-2018-4840
was published
May 13, 2022
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote...
High
Unreviewed
CVE-2019-6447
was published
May 13, 2022
D-Link routers with the mydlink feature have some web interfaces without authentication...
High
Unreviewed
CVE-2019-7642
was published
May 13, 2022
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service...
High
Unreviewed
CVE-2017-12575
was published
May 13, 2022
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series...
High
Unreviewed
CVE-2019-1654
was published
May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and...
Moderate
Unreviewed
CVE-2019-6538
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API