GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,702
Composer 4,237
Erlang 31
GitHub Actions 20
Go 1,998
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,358

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

266 advisories

Filter by severity

Sort by

Least recently updated

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed

CVE-2020-7487 was published May 24, 2022

An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that... Moderate Unreviewed

CVE-2020-11539 was published May 24, 2022

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6443 was published May 24, 2022

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A... Moderate Unreviewed

CVE-2020-7982 was published May 24, 2022

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file... Moderate Unreviewed

CVE-2019-15613 was published May 24, 2022

com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and... Moderate Unreviewed

CVE-2019-20057 was published May 24, 2022

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated... High Unreviewed

CVE-2019-3979 was published May 24, 2022

Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by... High Unreviewed

CVE-2019-6475 was published May 24, 2022

In SAP NetWeaver Process Integration (AS2 Adapter), before versions 1.0 and 2.0, the attacker is... Moderate Unreviewed

CVE-2019-0379 was published May 24, 2022

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why... Moderate Unreviewed

CVE-2019-15162 was published May 24, 2022

If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any... Moderate Unreviewed

CVE-2019-11737 was published May 24, 2022

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an... Moderate Unreviewed

CVE-2019-12620 was published May 24, 2022

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an... Moderate Unreviewed

CVE-2019-5478 was published May 24, 2022

Lack of root file system integrity checking in Fortinet FortiManager VM application images of all... Critical Unreviewed

CVE-2019-6695 was published May 24, 2022

It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be... High Unreviewed

CVE-2019-10181 was published May 24, 2022

In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file... Moderate Unreviewed

CVE-2019-12804 was published May 24, 2022

A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow... High Unreviewed

CVE-2019-1932 was published May 24, 2022

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002... High Unreviewed

CVE-2019-12504 was published May 24, 2022

A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack... Moderate Unreviewed

CVE-2019-1880 was published May 24, 2022

This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions... Moderate Unreviewed

CVE-2019-5431 was published May 24, 2022

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the... High Unreviewed

CVE-2019-3786 was published May 24, 2022

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is... Critical Unreviewed

CVE-2019-11235 was published May 24, 2022

resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier,... Moderate Unreviewed

CVE-2014-4883 was published May 17, 2022

The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated... High Unreviewed

CVE-2014-5406 was published May 17, 2022

** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in... High Unreviewed

CVE-2015-2908 was published May 17, 2022

Previous 1 2 … 6 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

266 advisories