GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
33 advisories
Filter by severity
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management...
Critical
Unreviewed
CVE-2022-20658
was published
Jan 15, 2022
Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability....
High
Unreviewed
CVE-2021-36338
was published
Jan 22, 2022
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data...
High
Unreviewed
CVE-2021-22806
was published
Feb 12, 2022
FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV)...
High
Unreviewed
CVE-2012-2979
was published
Apr 23, 2022
Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent...
Moderate
Unreviewed
CVE-2004-0872
was published
Apr 29, 2022
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote...
Moderate
Unreviewed
CVE-2002-0055
was published
Apr 30, 2022
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX...
Moderate
Unreviewed
CVE-2017-14013
was published
May 13, 2022
The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL...
Critical
Unreviewed
CVE-2016-5062
was published
May 17, 2022
In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is...
High
Unreviewed
CVE-2019-11770
was published
May 24, 2022
SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without...
High
Unreviewed
CVE-2019-1020011
was published
May 24, 2022
Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side...
High
Unreviewed
CVE-2018-17791
was published
May 24, 2022
D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a...
High
Unreviewed
CVE-2019-13263
was published
May 24, 2022
V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability....
Moderate
Unreviewed
CVE-2020-6862
was published
May 24, 2022
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly...
High
Unreviewed
CVE-2020-1048
was published
May 24, 2022
An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a...
High
Unreviewed
CVE-2020-15892
was published
May 24, 2022
The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user...
Critical
Unreviewed
CVE-2020-24683
was published
May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control...
Moderate
Unreviewed
CVE-2020-27268
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another...
High
Unreviewed
CVE-2021-20411
was published
May 24, 2022
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A...
Moderate
Unreviewed
CVE-2021-21544
was published
May 24, 2022
Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass...
High
Unreviewed
CVE-2021-21531
was published
May 24, 2022
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4...
High
Unreviewed
CVE-2021-22900
was published
May 24, 2022
Firefox used to cache the last filename used for printing a file. When generating a filename for...
Moderate
Unreviewed
CVE-2021-29960
was published
May 24, 2022
In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an authenticated attacker can...
Moderate
Unreviewed
CVE-2021-34574
was published
May 24, 2022
The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low...
High
Unreviewed
CVE-2021-24602
was published
May 24, 2022
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow...
High
Unreviewed
CVE-2022-30236
was published
Jun 3, 2022
ProTip!
Advisories are also available from the
GraphQL API